When in the CLI of the MM you cannot make changes at the / level, so the first level that you can make MC related changes is at /MD. At any level in the hierarchy, if you want to see what changes were made at that node, you can use the following command. This shows any changes made at the group or device node that you are currently at.
(MM1) [md] #show configuration committed
uplink health-check
crypto-local isakmp dpd idle-timeout 22 retry-timeout 2 retry-attempts 3
vpdn group l2tp
ppp authentication PAP
!
mgmt-server primary-server master profile default-controller transport udp
ssh mgmt-auth public-key
At any point in the node hierarchy, if you want to see what the configuration is, you can use the "show configuration effective" command. If you want to see where each setting is inherited from, you can issue the following command. I cut out some of the output, but if you see, each line shows where the command was inherited from. In this example, some settings were "inherited from [/]" system node, while other settings were set from the current "local [/md]" node.
(MM1) [md] #show configuration effective detail
user-role logon # inherited from [/]
access-list session ra-guard # inherited from [/]
access-list session logon-control # inherited from [/]
access-list session captiveportal # inherited from [/]
access-list session vpnlogon # inherited from [/]
access-list session v6-logon-control # inherited from [/]
access-list session captiveportal6 # inherited from [/]
uplink health-check # local [/md]
crypto-local isakmp dpd idle-timeout 22 retry-timeout 2 retry-attempts 3 # local [/md]
crypto isakmp policy 10002 # inherited from [/]
version v1 # inherited from [/]
authentication rsa-sig # inherited from [/]
encryption AES256 # inherited from [/]
group 2 # inherited from [/]
hash sha # inherited from [/]
!
I hope this helps,