Key Concepts 7.3 Perform configuration management

Question 1

Involves the identification, control, and maintenance of the various
components and settings of an organization’s IT environment. Is essential for maintaining a secure and compliant infrastructure, and for minimizing the
risk of vulnerabilities and misconfigurations.

Answer 1

Configuration management

Question 2

Establishing and maintaining an accurate inventory of all hardware, software,
and network components

Answer 2

Inventory (key activities related to configuration management)

Question 3

Defining and enforcing secure configuration baselines and
standards for all components. Deployment automation can ensure consistent implementation
of configuration baselines.

Answer 3

Baselines and standards(key activities related to configuration management)

Question 4

Implementing change control processes to ensure that all configuration
changes are properly authorized, tested, and documented.

Answer 4

Change management (key activities related to configuration management)

Question 5

Conducting regular configuration audits and assessments to
identify and remediate any deviations or vulnerabilities.

Answer 5

Assessment and audit (key activities related to configuration management)

Question 6

Vulnerability scans and assessments can inform a need for
updates to configuration, such as patching. Integrating configuration management with
vulnerability management and other security processes is important to security.

Answer 6

Vulnerability management (key activities related to configuration management)