Exam CISM topic 1 question 332 discussion

The Correct answer is B: Improving the change control process as that is the only one that fixes the issue. Rationale: (A) Is incorrect cause monitoring doesn't fix anything (C) Is incorrect cause monitoring doesn't fix anything (D) Baselines are great, but it doesn't capture any new changes.

The word modification should immediately make everyone think of change management. It's B, look for the key words in the questions.

Change control would better detect or prevent that change

A. Conducting continuous network monitoring

A. Conducting continuous network monitoring. Continuous network monitoring is an important practice for detecting and responding to security incidents promptly. By continuously monitoring the network, suspicious activities, unauthorized changes, and potential compromises can be identified in real-time or at an early stage. This enables the organization to take immediate action to mitigate the impact and prevent further compromises.

Improving the change control process would be the BEST way to prevent future occurrences where a modification to a critical system goes undetected

I like D for this one - Baseline configuration - A documented set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on at a given point in time, and which can be changed only through change control procedures.

B. Improving the change control process will best help to prevent future occurrences of undetected modifications to critical systems. A robust change control process is essential for ensuring that modifications to critical systems are tracked, approved, and tested before they are implemented. This helps to ensure that any potential vulnerabilities or other issues are identified and addressed before they can be exploited by attackers.