A large financial organization is experiencing consistency issues with its production applications after recent system updates. The CISO has determined that the root cause is inadequate tracking and control of IT asset changes during the operations phase. What should be implemented to best address this issue?
Configuration Management Database (CMDB) is the correct answer because it provides a centralized repository for information about all configuration items (CIs) in the IT environment. During the operations and maintenance phase of the information system lifecycle, a CMDB helps track relationships between system components, manage changes to the infrastructure, and maintain an authoritative record of the system state. This allows the organization to understand dependencies between components, analyze the impact of changes before implementation, and quickly identify what changed when issues arise.
A vulnerability management system focuses on identifying and addressing security vulnerabilities rather than tracking system configurations and changes. While incident response procedures are important, they are reactive measures that wouldn't prevent systemic change control issues. Disaster recovery plans focus on recovering systems after major disruptions, not on day-to-day management of changes during normal operations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Configuration Management Database (CMDB)?
Open an interactive chat with Bash
What are configuration items (CIs) and why are they important?
Open an interactive chat with Bash
How does a CMDB help in change management?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access