Finding Definitions for Configurable Items and Configuration Settings

Configurable Items and Configuration Settings are among the most technical terms that the UCF handles. According to the NIST Glossary a Configurable Item (or configuration item) is an item or aggregation of hardware, software, or both, that is designated for configuration management and treated as a single entity in the configuration management process. From the same source, a Configuration Setting is a set of parameters that can be changed in hardware, software, and/or firmware that affect the security posture and/or functionality of the information system (i.e. enable/disable).

Some sources that can help you find definitions:

• Technical documentation for the assets being configured. This is the most likely source for provider-specific terms, such as "NSX-T Distributed Firewall.

• Documentation maintained by other service providers such as:

  • VMware Docs Home

  • Technical documentation

  • https://access.redhat.com/products/

  • Home

    • Another potential resource for configuration definitions are Tenable’s Audit Item search. This aggregates configuration controls from Security Technical Implementation Guides (STIGS) and provides information on those controls including Control Information, Control Solution, and links to associated STIGs. Control information often includes term definitions or information that can be used when creating definitions.

      • EG, searching "NTP service" generates results such as "2.1.1.3 Ensure ntp is configured - daemon", where you can find definitions and additional information for "NTP."