What is a security baseline and how is it used to assess risk?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Enhance your cyber defense skills with the Security Blue Team Level 1 Test. Prepare with flashcards, multiple choice questions, and detailed explanations to ace your exam!

Multiple Choice

What is a security baseline and how is it used to assess risk?

Explanation:
A security baseline sets the minimum secure configuration that systems should have. It serves as a reference point to compare actual configurations against, so any deviations can be found. Those deviations indicate weaknesses that could be exploited, which is how risk is assessed: you identify gaps, evaluate their potential impact and likelihood, and prioritize fixes. Baselines help maintain a consistent security posture across many hosts, streamline audits, and enable automated checks with configuration management and scanning tools. The baseline isn't a vulnerability list, nor a patch schedule, nor a data retention policy—it's about how you configure and harden systems. For example, a baseline might require only necessary services running and a defined password policy; if a system has extra services or weak password settings, that increases risk relative to the baseline and points to remediation.

A security baseline sets the minimum secure configuration that systems should have. It serves as a reference point to compare actual configurations against, so any deviations can be found. Those deviations indicate weaknesses that could be exploited, which is how risk is assessed: you identify gaps, evaluate their potential impact and likelihood, and prioritize fixes. Baselines help maintain a consistent security posture across many hosts, streamline audits, and enable automated checks with configuration management and scanning tools. The baseline isn't a vulnerability list, nor a patch schedule, nor a data retention policy—it's about how you configure and harden systems. For example, a baseline might require only necessary services running and a defined password policy; if a system has extra services or weak password settings, that increases risk relative to the baseline and points to remediation.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy