CompTIA Security+ (SY0-601) — Question 812

Local guidelines require that all information systems meet a minimum security baseline to be compliant. Which of the following can security administrators use to assess their system configurations against the baseline?

Answer options

• A. SOAR playbook
• B. Security control matrix
• C. Risk management framework
• D. Benchmarks

Correct answer: D

Explanation

The correct answer is D, as benchmarks provide specific standards and metrics for assessing system configurations against compliance requirements. Options A and B do not focus on compliance assessments but rather on security orchestration and control management, respectively. Option C is more about overall risk management rather than specific compliance evaluations.