Which of the following would a security administrator implement in order to identify change from the standard
configuration on a server?

A.
Penetration test

B.
Code review

C.
Baseline review

D.
Design review

Explanation:
The standard configuration on a server is known as the baseline.
The IT baseline protection approach is a methodology to identify and implement computer security measures in
an organization. The aim is the achievement of an adequate and appropriate level of security for IT systems.
This is known as a baseline.
A baseline report compares the current status of network systems in terms of security updates, performance or
other metrics to a predefined set of standards (the baseline).