Certified Information Systems Security Professional (CISSP) — Question 242

The Chief Information Security Officer (CISO) is to establish a single, centralized, and relational repository to hold all information regarding the software and hardware assets. Which of the following s ions would be the BEST option?

Answer options

• A. Information Security Management System (ISMS)
• B. Configuration Management Database (CMDB)
• C. Security Information and Event Management (SIEM)
• D. Information Technology Asset Management (ITAM)

Correct answer: B

Explanation

The best choice is the Configuration Management Database (CMDB) because it is specifically designed to manage and track configuration items related to IT assets. Options A, C, and D, while useful for specific aspects of information security and asset management, do not provide the centralized relational repository functionality that a CMDB offers.