|1. Configuration refers to how the organisation's information assets are tuned to fulfill their roles and to enhance the level of security.
Notes: If the information assets are only configured to fulfill their roles, inherent vulnerabilities threatening them will increase.
2. Within a substation context, there are multiple types of configuration. One type is specific to a device, such as the number of boards and the configuration of each board. This type of configuration is generally static and defined during commissioning. Another type of configuration relates to the functionality of the device. Here, the settings, thresholds, and the different logic are each accounted for. This type of configuration is more dynamic and can change over time in response to operational conditions or system changes.
Source: (Gauci, 2016)
3. Secure configuration refers to security measures that are implemented when building and installing computers and network devices in order to reduce unnecessary cyber vulnerabilities. Web server and application server configurations play a key role in the security of a web application. Failure to manage the proper configuration of your servers can lead to a wide variety of security problems.
Source: (IT Governance, 2017)