Chapter 76 · Quiz

Security Baselines — Quiz

10-question assessment covering baseline definition and purpose, integrity measurements, configuration drift, deployment mechanisms, manufacturer sources, and the baseline lifecycle.

Question 1 of 6
A security baseline defines which of the following for an application environment?
Question 2 of 6
An organization discovers that one of its 50 application servers was never brought into compliance with the approved security baseline at deployment. That server is subsequently compromised by an attacker exploiting a missing patch. What does this scenario best illustrate?
Question 3 of 6
A security team is configuring new Windows 10 workstations and wants to start from Microsoft's recommended security settings rather than building a baseline from scratch. Which tool should they use?
Question 4 of 6
A continuous integrity monitoring system alerts that a production server has three deviations from its approved baseline: a new local user account was created, RDP was enabled, and Windows Defender real-time protection was disabled. None of these changes appear in the change management system. What is the most important first response?
Question 5 of 6
An organization's security baseline for Windows servers was last updated two years ago. A new critical vulnerability is announced affecting the Windows Remote Procedure Call service. The vulnerability can be mitigated by disabling an optional RPC feature that the organization does not use. What should the organization do?
Question 6 of 6
Which statement best describes configuration drift?

Matching

Match each baseline management scenario to the phase or concept it best represents.

1. A security team downloads the Microsoft SCT, customizes 12 settings for their operational environment, documents the justifications, and gets formal approval for the resulting configuration standard.
2. Using Active Directory Group Policy and an MDM platform, the security team pushes the approved configuration settings to all 600 workstations and enrolled mobile devices, verifying 100% coverage within 24 hours.
3. When a new vulnerability bulletin requires disabling TLS 1.0, the team updates the baseline document, tests the change on a pilot group, confirms application compatibility, and then redeploys the updated setting organization-wide within 48 hours.
4. Every quarter, the compliance team runs a formal assessment comparing all server configurations against the approved baseline, produces a compliance report, and stores it as documented evidence for the upcoming PCI DSS assessment.
A. Establish
B. Deploy
C. Maintain
D. Audit