ISC2 Exam CSSLP Topic 4 Question 14 Discussion

The configuration status accounting procedure is the ability to record and report on the configuration baselines associated with each

configuration item at any moment of time. It supports the functional and physical attributes of software at various points in time, and performs

systematic control of accounting to the identified attributes for the purpose of maintaining software integrity and traceability throughout the

software development life cycle. The configuration status and accounting process keeps track of the changes so that the latest acceptable

configuration specifications are readily available.

Answer C is incorrect. The verification and audit processes seek to establish a high level of confidence in how well the Configuration

Management activity is working.

Answer A is incorrect. Configuration control is a procedure of the Configuration management. Configuration control is a set of processes

and approval stages required to change a configuration item's attributes and to re-baseline them. It supports the change of the functional

and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes.

Answer D is incorrect. Configuration identification is the process of identifying the attributes that define every aspect of a configuration

item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in

configuration documentation and baselined. Baselining an attribute forces formal configuration change control processes to be effected in the

event that these attributes are changed.