5.2. Defining Security Baselines

One of the first steps in developing a secure environment is to develop a baseline of the minimum security needs of your organization. A security baseline defines the level of security that will be implemented and maintained. You can choose to set a low baseline by implementing next to no security or a high baseline that doesn't allow users to make any changes at all to the network or their systems. In practice, most implementations fall between the two extremes; you must determine what is best for your organization.

The security baseline, which can also be called a performance baseline, provides the input needed to design, implement, and support a secure network. Developing the baseline includes gathering data ...

Get CompTIA Security+™ Deluxe: Study Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.