CompTIA Security+ (SY0-601) — Question 771

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be BEST to use to update and reconfigure the OS-level security configurations?

Answer options

• A. CIS benchmarks
• B. GDPR guidance
• C. Regional regulations
• D. ISO 27001 standards

Correct answer: A

Explanation

CIS benchmarks provide specific, detailed guidelines for securely configuring operating systems, making them the most suitable choice for updating security settings. In contrast, GDPR guidance focuses on data protection regulations, regional regulations vary widely and may not address OS configurations directly, and ISO 27001 standards are broader in scope, primarily focused on information security management systems rather than specific OS hardening.