SY0-301 · Question #312
Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?
The correct answer is C. Baseline review. A baseline is a documented, approved snapshot of a system's standard configuration (settings, installed software, services, registry values, etc.). A baseline review compares the server's current state against that snapshot to detect unauthorized or unexpected changes - such as n
Question
Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?
Options
- APenetration test
- BCode review
- CBaseline review
- DDesign review
How the community answered
(20 responses)- A10% (2)
- C85% (17)
- D5% (1)
Explanation
A baseline is a documented, approved snapshot of a system's standard configuration (settings, installed software, services, registry values, etc.). A baseline review compares the server's current state against that snapshot to detect unauthorized or unexpected changes - such as new software, altered settings, or disabled security controls. A penetration test actively tries to exploit weaknesses. A code review examines source code. A design review evaluates architecture. Only a baseline review directly answers 'what has changed from the standard?'
Topics
Community Discussion
No community discussion yet for this question.