Unit 8 - Configuration Drift and Remediation
Overview
Configuration drift is the silent enemy of consistent, secure infrastructure.
When systems slowly deviate from their intended state, whether through manual
changes, failed or partial updates, or misconfigured automation, the attack surface
grows and reliability suffers. The dangerous part is that the drift itself is rarely
noticed until an outage or an incident makes it visible.
In this unit, we focus on identifying, preventing, and correcting configuration drift.
Students will explore concepts like Infrastructure as Code (IaC), immutable
infrastructure, and centralized configuration management.
We will also look at how drift can be detected with file-integrity tools such as AIDE
and remediated with automation platforms such as Ansible.
By the end of the unit, students will not only understand why drift happens, but also
know how to build resilient systems that identify unauthorized changes and correct them
back to the defined baseline.
Learning Objectives
- Define configuration drift and understand its impact on security and operations.
- Explore change management frameworks, including CMDBs and baselines.
- Implement detection tools like AIDE to monitor file system integrity.
- Use Ansible to remediate drift and enforce configuration state.
- Connect drift management to compliance, auditability, and incident response.
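The detect-then-remediate cycle named in the overview and in the objectives above comes down to two mechanisms: a baseline of file hashes recorded from the trusted state (what AIDE stores in its database) and an idempotent enforcement step that touches only what has drifted (what an Ansible run does). The script below is an added example written for this page, not AIDE, Ansible, or course-supplied code. It mimics both mechanisms in plain POSIX shell so the idea can be seen end to end: the `golden`/`host` directories, the `aide.db` filename and the file contents are constructed for the demo, and it assumes only `sha256sum` (or `shasum` on BSD/macOS), `awk`, `find` and `mktemp` are available.

```shell
# Added example: a toy drift detector and remediator built on file hashing,
# the same mechanism AIDE applies at scale. Paths and contents are constructed.

# Print the SHA-256 of one file, using sha256sum (GNU) or shasum (BSD/macOS).
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# List regular files under a directory as sorted relative paths (./etc/...).
list_files() {
    (cd "$1" && find . -type f | LC_ALL=C sort)
}

# build_baseline DIR DB: write "hash path" per file. This is the trusted state,
# recorded right after the system is built and before it has a chance to drift.
build_baseline() {
    dir="$1"; db="$2"
    : > "$db"
    list_files "$dir" | while read -r f; do
        printf '%s %s\n' "$(hash_file "$dir/$f")" "$f" >> "$db"
    done
}

# in_baseline DB PATH: succeed only if PATH is recorded in the baseline.
in_baseline() {
    awk -v p="$2" '$2 == p { found = 1 } END { exit !found }' "$1"
}

# check_drift DIR DB: print one CHANGED/MISSING/ADDED line per finding;
# prints nothing when the directory still matches the baseline.
check_drift() {
    dir="$1"; db="$2"
    while read -r h f; do
        if [ ! -f "$dir/$f" ]; then
            echo "MISSING $f"
        elif [ "$(hash_file "$dir/$f")" != "$h" ]; then
            echo "CHANGED $f"
        fi
    done < "$db"
    list_files "$dir" | while read -r f; do
        in_baseline "$db" "$f" || echo "ADDED $f"
    done
}

# remediate GOLDEN DIR DB: enforce the desired state by restoring changed or
# missing files from the golden tree and removing unauthorized additions.
# Like an idempotent configuration-management run, it only touches drifted files.
remediate() {
    golden="$1"; dir="$2"; db="$3"
    check_drift "$dir" "$db" | while read -r status f; do
        case "$status" in
            CHANGED|MISSING)
                mkdir -p "$(dirname "$dir/$f")"
                cp "$golden/$f" "$dir/$f" ;;
            ADDED)
                rm -f "$dir/$f" ;;
        esac
    done
}

# demo: build a golden tree, deploy it to a "host", drift it, detect, remediate.
# Prints "<findings before remediation> <findings after remediation>".
demo() {
    work="$(mktemp -d)"
    mkdir -p "$work/golden/etc/ssh" "$work/host"
    printf 'PermitRootLogin no\n' > "$work/golden/etc/ssh/sshd_config"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$work/golden/etc/passwd"
    cp -R "$work/golden/." "$work/host/"
    build_baseline "$work/host" "$work/aide.db"

    # Simulate drift: a weakened setting, a deleted file and an unexpected file.
    printf 'PermitRootLogin yes\n' > "$work/host/etc/ssh/sshd_config"
    rm "$work/host/etc/passwd"
    echo 'not in the baseline' > "$work/host/etc/backdoor"

    before="$(check_drift "$work/host" "$work/aide.db" | wc -l | tr -d ' ')"
    remediate "$work/golden" "$work/host" "$work/aide.db"
    after="$(check_drift "$work/host" "$work/aide.db" | wc -l | tr -d ' ')"
    rm -rf "$work"
    echo "$before $after"
}
```

Running `demo` reports three findings (the changed `sshd_config`, the missing `passwd`, the added `backdoor`) and zero after remediation. Two caveats carry over to the real tools: the baseline is only as trustworthy as the moment it was taken, so it must be built from a known-good image and stored where the host cannot rewrite it, and every remediation should be logged, since an unexpected finding is an incident-response lead, not just a file to overwrite.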
Key Terms and Definitions
- Configuration Drift
- System Lifecycle
- Change Management
- CMDB (Configuration Management Database)
- CI (Configuration Item)
- Baseline
- Build Book / Run Book
- Immutable Infrastructure
- Hashing
- IaC (Infrastructure as Code)
- Orchestration
- Automation
- AIDE (Advanced Intrusion Detection Environment)