Which practice ensures that information systems maintain secure settings and minimize drift?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the DSAC-11 Annex C Test with real-time quizzes and multiple-choice questions. Each question offers hints and explanations to enhance your preparedness. Boost your confidence and ensure success in your DSAC-11 Annex C exam!

Multiple Choice

Which practice ensures that information systems maintain secure settings and minimize drift?

Explanation:
Maintaining secure settings and minimizing drift is achieved through secure configuration management. This practice sets and enforces secure baselines for systems, continuously inventories configurations, and automates or coordinates changes so that any deviation from approved, hardened states is quickly detected and corrected. By keeping configurations aligned with security policies and standards, it reduces the risk introduced by misconfigurations and ensures systems stay in a known, trusted state over time. Patch management, incident response, and disaster recovery address other aspects of security and resilience: patch management focuses on applying updates to fix vulnerabilities, incident response handles detected threats, and disaster recovery deals with restoring operations after a disruptive event. None of these ensure ongoing alignment of system settings with approved security baselines the way secure configuration management does.

Maintaining secure settings and minimizing drift is achieved through secure configuration management. This practice sets and enforces secure baselines for systems, continuously inventories configurations, and automates or coordinates changes so that any deviation from approved, hardened states is quickly detected and corrected. By keeping configurations aligned with security policies and standards, it reduces the risk introduced by misconfigurations and ensures systems stay in a known, trusted state over time.

Patch management, incident response, and disaster recovery address other aspects of security and resilience: patch management focuses on applying updates to fix vulnerabilities, incident response handles detected threats, and disaster recovery deals with restoring operations after a disruptive event. None of these ensure ongoing alignment of system settings with approved security baselines the way secure configuration management does.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy