New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CSSLP Exam - Topic 3 Question 66 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 66
Topic #: 3
[All CSSLP Questions]

Which of the following components of configuration management involves periodic checks to determine the consistency and completeness of accounting information and to verify that all configuration management policies are being followed?

Show Suggested Answer Hide Answer
Suggested Answer: B

Configuration auditing is a component of configuration management, which involves periodic checks to establish the consistency and

completeness of accounting information and to confirm that all configuration management policies are being followed. Configuration audits are

broken into functional and physical configuration audits. They occur either at delivery or at the moment of effecting the change. A functional

configuration audit ensures that functional and performance attributes of a configuration item are achieved, while a physical configuration

audit ensures that a configuration item is installed in accordance with the requirements of its detailed design documentation.

Answer D is incorrect. The configuration status accounting procedure is the ability to record and report on the configuration baselines

associated with each configuration item at any moment of time. It supports the functional and physical attributes of software at various points

in time, and performs systematic control of accounting to the identified attributes for the purpose of maintaining software integrity and

traceability throughout the software development life cycle.

Answer C is incorrect. Configuration control is a procedure of the Configuration management. Configuration control is a set of

processes and approval stages required to change a configuration item's attributes and to re-baseline them. It supports the change of the

functional and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes.

Answer A is incorrect. Configuration identification is the process of identifying the attributes that define every aspect of a configuration

item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in

configuration documentation and baselined. Baselining an attribute forces formal configuration change control processes to be effected in the

event that these attributes are changed.


by Ernie at Mar 20, 2023, 01:28 PM

Limited Time Offer

25%

Off

Get Premium CSSLP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tegan
4 months ago
I thought it was A at first, but B is more accurate.
upvoted 0 times
...
Amber
4 months ago
Nah, I think it's C, Configuration Control.
upvoted 0 times
...
Xochitl
4 months ago
Wait, is it really just about auditing? Seems too simple.
upvoted 0 times
...
Chantay
4 months ago
I agree, B makes the most sense.
upvoted 0 times
...
Kimberlie
4 months ago
It's definitely B, Configuration Auditing!
upvoted 0 times
...
Tracie
5 months ago
I'm leaning towards Configuration Auditing too, but I keep mixing it up with Configuration Identification. Need to double-check my notes!
upvoted 0 times
...
Derick
5 months ago
Configuration Status Accounting seems like it could be related, but I feel like it focuses more on tracking rather than the auditing process.
upvoted 0 times
...
Cassi
5 months ago
I remember practicing a similar question, and I think Configuration Control was more about managing changes rather than auditing.
upvoted 0 times
...
Octavio
5 months ago
I think the answer might be Configuration Auditing, but I'm not entirely sure. It sounds like the right fit for checking consistency and completeness.
upvoted 0 times
...
Peggie
5 months ago
Based on my experience, the best approach for mutual VPN gateway authentication is to use a combination of PKI certificates and dynamic OTP. This ensures a high level of security while also being practical to implement and maintain.
upvoted 0 times
...
Royal
5 months ago
Hmm, this is a lot of information to cover in the contract. I'll need to make sure I don't miss any of the important details like the scope, principles, requirements, and delivery plan.
upvoted 0 times
...
Curtis
5 months ago
I'm leaning towards option A - the combination of SAS 10K and FMD drives in an HDT pool seems like it would provide the consistent performance the application needs. The low hit rates make me think we don't need the full power of an all-FMD pool.
upvoted 0 times
...
Louvenia
5 months ago
Hmm, this is a tricky one. I'm not sure if the HTTP(S) load balancer would preserve the source IP since it operates at a higher layer.
upvoted 0 times
...

Save Cancel