CERTIFIED-IN-CYBERSECURITY Question #566: Real Exam Question with Answer & Explanation

Question

What is the primary goal of Change Management in cybersecurity?

Options

• AEnsure that all environments are free from vulnerabilities
• BDetect new vulnerabilities in the system
• CCreate patches to correct vulnerabilities
• DRelease software without introducing new vulnerabilities

Explanation

The primary goal of change management in cybersecurity is to release software without introducing new vulnerabilities (see ISC2 Study Guide, Chapter 5, Module 3). Change management is a systematic approach to managing all changes made to a system. Its primary goal is to ensure that changes are implemented in a controlled manner that minimizes the risk of introducing new vulnerabilities into the system. For example, when a software development team plans to release a new feature, it would follow a change management process to ensure that the new feature does not introduce new security vulnerabilities. The other options do not reflect the primary goal of change management. Detecting new vulnerabilities in the system is an important part of cybersecurity, but it is typically the role of vulnerability management or penetration testing, management. Creating patches to fix vulnerabilities is also an important aspect of maintaining system security, but again, it is not the primary goal of change management. Ensuring that all environments are free of vulnerabilities is a desirable outcome of good cybersecurity practices in the software development lifecycle

No community discussion yet for this question.