Certified Cloud Security Professional (CCSP) — Question 507

The baseline should cover which of the following?

Answer options

• A. Data breach alerting and reporting
• B. All regulatory compliance requirements
• C. As many systems throughout the organization as possible
• D. A process for version control

Correct answer: C

Explanation

The correct answer is C because a comprehensive baseline aims to encompass as many systems in the organization as possible to ensure a thorough security posture. Options A and B are important but are specific aspects rather than the broad scope required for a baseline. Option D, while relevant for development processes, does not directly pertain to the overall baseline coverage.