Which process allows enterprise security personnel to determine if a change to the baseline has been made?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Which process allows enterprise security personnel to determine if a change to the baseline has been made?

Explanation:
Attestation is the process that lets security teams verify a system’s current configuration against the established baseline. It typically involves a trusted hardware root, like a TPM, that collects measurements of the system’s state (boot sequence, installed software, patches) and produces a signed report that a central verifier can check. If the measured state matches the baseline, everything is as expected; if there are discrepancies, changes to the baseline are detected. This provides a scalable way to prove to security personnel that devices haven’t drifted from the approved configuration. Hashing is a method used to detect changes by comparing a computed hash to a known good hash, but it usually requires manual re-checks on each device and doesn’t inherently provide the remote, verifiable state report that attestation offers. Privacy and identity-proofing aren’t about verifying system state against a baseline or detecting configuration drift, so they don’t fit this intent. Authentication, while related to verifying identity, isn’t the process used to prove a device’s state to a central authority. Attestation specifically addresses confirming the system’s baseline integrity.

Attestation is the process that lets security teams verify a system’s current configuration against the established baseline. It typically involves a trusted hardware root, like a TPM, that collects measurements of the system’s state (boot sequence, installed software, patches) and produces a signed report that a central verifier can check. If the measured state matches the baseline, everything is as expected; if there are discrepancies, changes to the baseline are detected. This provides a scalable way to prove to security personnel that devices haven’t drifted from the approved configuration.

Hashing is a method used to detect changes by comparing a computed hash to a known good hash, but it usually requires manual re-checks on each device and doesn’t inherently provide the remote, verifiable state report that attestation offers. Privacy and identity-proofing aren’t about verifying system state against a baseline or detecting configuration drift, so they don’t fit this intent. Authentication, while related to verifying identity, isn’t the process used to prove a device’s state to a central authority. Attestation specifically addresses confirming the system’s baseline integrity.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy