Security+ Objective 1.3 Implement OS hardening practices and procedures to achieve workstation and server security – Configuration Baselines

A baseline is a starting point for measurement or construction.

When we talk about configuration baselines we are usually talking about the starting point for system construction.  Applying a configuration baseline would be the first task performed on new systems.  This is often done by deploying a standard image which is preconfigured with a set of consistent, required security settings.  After that, the system would be updated with the latest patches and receive any additional configuration and software.  Configuration baselines allow for easier security management by standardizing what could otherwise be a chaotic free-for-all.   

You could also use a baseline as a measuring point to track deviations in security configuration.  In this situation, the baseline would be taken after the initial configuration is complete.  If some malware attempts to secretly alter the system it would be detected.  By having a baseline, we have a comparison point to identify these changes.

Go back to the Exam Objectives list

Be Sociable, Share!


There are no comments yet...Kick things off by filling out the form below.

Leave a Comment