Exam SY0-601 topic 1 question 715 discussion

To assess system configurations against a minimum security baseline, security administrators would use: D. Benchmarks Explanation: D. Benchmarks: Security benchmarks provide standardized sets of best practices and settings that help ensure the secure configuration of an operating system or application. Organizations such as the Center for Internet Security (CIS) provide security benchmarks that can be used to evaluate and harden systems to meet security baselines.

D. Benchmarks Security administrators can use benchmarks to assess their system configurations against a minimum security baseline required for compliance. Benchmarks are documents that provide guidance and best practices for configuring and securing various types of systems and software. These benchmarks are often created by trusted organizations, such as the Center for Internet Security (CIS) or the National Institute of Standards and Technology (NIST). Security control matrices and risk management frameworks are important tools for managing and assessing security controls and risks within an organization, but they are not typically used to directly assess system configurations against a specific security baseline. SOAR (Security Orchestration, Automation, and Response) playbooks are used for automating incident response and security processes and are not specifically designed for assessing system configurations against security baselines.

Although a framework gives a "high-level" view of how to plan IT services, it does not generally provide detailed implementation guidance. At a system level, the deployment of servers and applications is covered by benchmarks and secure configuration guides