nerdexam
(ISC)2

CISSP · Question #922

Which of the following management process allows ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?

The correct answer is A. Configuration. Configuration management involves hardening systems by limiting services, changing default credentials, and managing security settings like antivirus update sources.

Submitted by lukas.cz· Mar 5, 2026Security Operations

Question

Which of the following management process allows ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?

Options

  • AConfiguration
  • BIdentity
  • CCompliance
  • DPatch

How the community answered

(16 responses)
  • A
    94% (15)
  • D
    6% (1)

Why each option

Configuration management involves hardening systems by limiting services, changing default credentials, and managing security settings like antivirus update sources.

AConfigurationCorrect

Configuration management encompasses the process of hardening systems and servers by enabling only necessary services (principle of least functionality), changing default passwords to prevent unauthorized access, and setting systems to retrieve antivirus updates from approved sources. These are all baseline configuration and hardening activities that define the secure state of a system, which is the core function of configuration management.

BIdentity

Identity management focuses on managing user identities, authentication, and authorization (e.g., provisioning accounts and roles), not on controlling system services or antivirus update settings.

CCompliance

Compliance management involves auditing and verifying that systems adhere to regulatory standards and policies, rather than actively configuring or hardening the systems themselves.

DPatch

Patch management specifically addresses the process of identifying, testing, and applying software updates and security patches to fix vulnerabilities, not the broader hardening tasks like disabling services or changing default passwords.

Concept tested: Configuration management and system hardening principles

Source: https://csrc.nist.gov/publications/detail/sp/800-128/final

Topics

#configuration management#hardening#least privilege

Community Discussion

No community discussion yet for this question.

Full CISSP Practice