What is a golden image in endpoint security and why does baselining matter?

A golden image is a known-good, locked-down OS image that serves as a trusted standard for deploying endpoints. Baselining matters because it creates a baseline of how a secure, properly configured endpoint should look in terms of OS, settings, and installed software. By comparing active devices to this baseline, security teams can spot drift, tampering, or unauthorized changes quickly and respond to incidents more efficiently. This approach also helps ensure consistency across all devices and supports ongoing compliance. The other options don’t fit because a random snapshot isn’t trusted or repeatable, a replacement hardware image is about hardware rather than a validated software baseline, and a backup file for network configuration isn’t a full OS image used for secure endpoint deployment.