nerdexam
CompTIA

SY0-301 · Question #312

Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?

The correct answer is C. Baseline review. A baseline is a documented, approved snapshot of a system's standard configuration (settings, installed software, services, registry values, etc.). A baseline review compares the server's current state against that snapshot to detect unauthorized or unexpected changes - such as n

Security operations

Question

Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?

Options

  • APenetration test
  • BCode review
  • CBaseline review
  • DDesign review

How the community answered

(20 responses)
  • A
    10% (2)
  • C
    85% (17)
  • D
    5% (1)

Explanation

A baseline is a documented, approved snapshot of a system's standard configuration (settings, installed software, services, registry values, etc.). A baseline review compares the server's current state against that snapshot to detect unauthorized or unexpected changes - such as new software, altered settings, or disabled security controls. A penetration test actively tries to exploit weaknesses. A code review examines source code. A design review evaluates architecture. Only a baseline review directly answers 'what has changed from the standard?'

Topics

#baseline review#configuration management#change detection

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice