CompTIA Security+ Question J-81

A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system’s services to the list of standard services on the company’s system image. This review process depends on:

A. MAC filtering.
B. System hardening.
C. Rogue machine detection.
D. Baselining.

Answer: D

Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.