Which term describes a documented, lowest level of security configuration?

Prepare for the ISSAP Exam with challenging questions and insights. Enhance your understanding using flashcards and detailed explanations. Master your skills for success!

Multiple Choice

Which term describes a documented, lowest level of security configuration?

Explanation:
A security baseline represents the documented minimum set of security configurations that must be applied to all systems. This baseline serves as the foundation for secure deployments, ensuring consistency across environments and providing a reference point to detect deviations. By defining the lowest acceptable settings—such as mandatory patch levels, password policies, enabled/disabled services, and logging requirements—the baseline establishes the starting point for any further hardening or additional controls. Threat modeling, centralized architecture, and service-oriented architecture describe processes or architectural styles, not the baseline minimum for system security configurations.

