ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization has purchased a new network-attached storage appliance that will host sensitive project data. Before placing the appliance into production, you are asked to carry out tasks associated with the Implementation/Assessment phase of the asset management lifecycle. Which action BEST satisfies this phase's security requirements?
Add the appliance to the configuration management database (CMDB) and record its expected end-of-life date.
Run an authenticated vulnerability scan on the appliance and compare the results to the organization's hardened configuration baseline.
Perform a three-pass DoD 5220.22-M wipe of all disks before connecting the appliance to the network.
Submit a Request for Change (RFC) to the Change Advisory Board that includes detailed rollback procedures.
During the Implementation/Assessment phase, the focus is on securely configuring the asset, validating the effectiveness of security controls, and identifying residual vulnerabilities before the asset is made operational. Running an authenticated vulnerability scan and comparing the findings against the organization's approved security baseline directly addresses those objectives.
Tagging the device in the CMDB and recording vendor EOL information is part of the inventory activity that follows acquisition.
Purging data with a DoD wipe utility is a disposal activity carried out at end-of-life, not during implementation.
Submitting a formal Request for Change is a change-management step; although important, it does not by itself assess whether the appliance meets the required security controls. Therefore, conducting a vulnerability scan and validating the results against the baseline is the most appropriate action for this phase.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a configuration management database (CMDB)?
Open an interactive chat with Bash
What is a hardened configuration baseline?
Open an interactive chat with Bash
What is the Implementation/Assessment phase of the asset management lifecycle?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .