Secure Baselines - CompTIA Security+ SY0-701 - 4.1

0.0(0)
Studied by 0 people
call kaiCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/3

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 5:13 AM on 3/31/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No analytics yet

Send a link to your students to track their progress

4 Terms

1
New cards

Secure Baselines

• The security of an application environment should be well defined - All application instances must follow this baseline - Firewall settings, patch levels, OS file versions - May require constant updates • Integrity measurements check for the secure baseline - These should be performed often - Check against well-documented baselines - Failure requires an immediate correction

2
New cards

Establish baselines

• Create a series of baselines

- Foundational security policies

• Security baselines are often available from the

manufacturer

- Application developer

- Operating system manufacturer

- Appliance manufacturer

• Many operating systems have extensive options

- There are over 3,000 group policy settings in Windows 10

- Only some of those are associated with security

3
New cards

Deploy baselines

We have established detailed security baselines

- How do we put those baselines in action?

Deploy the baselines

- Usually managed through a centrally adminitered console

May require multiple deployment mechanisms

- Active Directory group policy, MDM, etc

Automation is key

- Deploy to hundred or thousands of devices

4
New cards

Maintain baselines

Many of these are best practices, they rarely change

Other baselines may require ongoing updates

- A new vulnerability is discovered

- An updated application has been deployed

- A new OS is installed

Test and measure to avoid conflicts

- Some baselines may contradict others

- Enterprise environments are complex