PrepAway - Latest Free Exam Questions & Answers

Which of the following would a security administrator implement in order to identify change from the standard

Which of the following would a security administrator implement in order to identify change from the
standard configuration on a server?

PrepAway - Latest Free Exam Questions & Answers

A.
Penetration test

B.
Code review

C.
Baseline review

D.
Design review

Explanation:
The standard configuration on a server is known as the baseline.
The IT baseline protection approach is a methodology to identify and implement computer security
measures in an organization. The aim is the achievement of an adequate and appropriate level of security
for IT systems. This is known as a baseline.
A baseline report compares the current status of network systems in terms of security updates,
performance or other metrics to a predefined set of standards (the baseline).
Incorrect Answers:
A: Penetration testing evaluates an organization’s ability to protect its networks, applications, computers
and users from attempts to circumvent its security controls to gain unauthorized or privileged access to
protected assets. By performing a penetration test on a server, you are actively trying to circumvent its
security controls to gain unauthorized or privileged access to the server. A penetration test is not used to
identify change from the standard configuration on a server.
B: A code review is the process of reviewing the code in an application. It is not used to identify change
from the standard configuration on a server.
D: A design review is the process of reviewing the design of something; examples include reviewing the
design of the network or the design of a software application. It is not used to identify change from the
standard configuration on a server.

http://en.wikipedia.org/wiki/IT_baseline_protection


Leave a Reply