Identifying a list of all approved software on a system is a step in which of the following practices?

A.
Passively testing security controls

B.
Application hardening

C.
Host software baselining

D.
Client-side targeting

Explanation:
Application baseline defines the level or standard of security that will be implemented and
maintained for the application. It may include requirements of hardware components, operating
system versions, patch levels, installed applications and their configurations, and available ports

and services. Systems can be compared to the baseline to ensure that the required level of
security is being maintained.