nerdexam
(ISC)2

CISSP · Question #257

Which of the following is the MAIN reason for using configuration management?

The correct answer is D. To provide consistency in security controls. Configuration management ensures systems are built and maintained consistently using defined baselines, which directly supports uniform application of security controls across an environment.

Submitted by joshua94· Mar 5, 2026Security Operations

Question

Which of the following is the MAIN reason for using configuration management?

Options

  • ATo provide centralized administration
  • BTo reduce the number of changes
  • CTo reduce errors during upgrades
  • DTo provide consistency in security controls

How the community answered

(32 responses)
  • B
    3% (1)
  • C
    3% (1)
  • D
    94% (30)

Why each option

Configuration management ensures systems are built and maintained consistently using defined baselines, which directly supports uniform application of security controls across an environment.

ATo provide centralized administration

Centralized administration is a characteristic of certain management tools (e.g., SIEM, directory services), but it is not the defining purpose of configuration management itself.

BTo reduce the number of changes

Configuration management does not aim to reduce the number of changes; rather, it controls and tracks changes to ensure they are applied correctly and consistently against a defined baseline.

CTo reduce errors during upgrades

While configuration management can help reduce errors during upgrades by providing documented baselines, this is a secondary benefit rather than the main reason for its use.

DTo provide consistency in security controlsCorrect

The primary purpose of configuration management is to establish and enforce standardized baselines across systems, ensuring that security controls such as patch levels, firewall rules, and hardening settings are applied consistently. Without configuration management, systems can drift from their secure baseline, creating uneven security postures and exploitable gaps. Consistency in security controls is the foundational security outcome that configuration management is designed to achieve.

Concept tested: Purpose and goals of configuration management

Source: https://csrc.nist.gov/publications/detail/sp/800-128/final

Topics

#configuration management#security controls#consistency#baselines

Community Discussion

No community discussion yet for this question.

Full CISSP Practice