Understand security baselines.
A security baseline is defined in the company's security policy and is a model set of security-related modifications, patches, and settings that underpin the technical implementation of security. Companies should have post-installation configuration and audit guides (automated, where possible) that implement security policies. These settings include but are not limited to the following:
Registry enhancements and lock-downs
Auditing and logging configurations
File system security tightening
Services and applications configurations
Custom security tools, where applicable
Security policies must be reviewed and updated on a regular basis, so security baselines can constantly improve. To ...