CompTIA CySA+ (CS0-003) — Question 126

An organization would like to ensure its cloud infrastructure has a hardened configuration. A requirement is to create a server image that can be deployed with a secure template. Which of the following is the best resource to ensure secure configuration?

Answer options

• A. CIS Benchmarks
• B. PCI DSS
• C. OWASP Top Ten
• D. ISO 27001

Correct answer: A

Explanation

CIS Benchmarks provide well-defined guidelines for securely configuring systems and applications, making them the best choice for this requirement. PCI DSS focuses on payment card data security, OWASP Top Ten addresses web application vulnerabilities, and ISO 27001 is a standard for information security management but is less specific about configuration hardening.