Question

- Explain these terminology with your simple own words Please don't copy and past from internet and make them as simple as possible (2 lines or three maximum)

Security Baseline, Security Standard, Security Procedures, Security Guidelines

Answer 1

Explanation of the terminologies:

* Security Baseline:
* It is a set of security goals in general or configuration settings in specific explaining their security impacts to assess the existing security practices of an IT team or department as a whole, based on pre-recommendations and standard measures taken thereafter.
* The systems, services, or devices being tested and used per these recommendations should meet this security baseline.
* A security baseline is recommended by Microsoft such as in Group Policies, security templates, and configuration baselines.

* Security Standard:
* It defines the document for the scope of required security functions, processes, procedures, methods, and features; information and human assets management policies; conditions for assessing the effectiveness of security measures; ongoing security assessment and security breaches monitoring techniques; and steps and remediation tasks for handling already occurred security failures.
* It helps in providing measures to prevent, reduce risks, detect, and mitigate security attacks, breaches, and other related issues.
* It is a standard of good practice mentioning the techniques published in materials that are used to protect the IT environment, systems, services, devices, components, and data of an individual or enterprises.

* Security Procedures:
* It is a set of required activities in sequence carried out to conduct specific security check, tasks, and functions.
* It includes and is a set of different strategies, guidelines, policies, standards, specifications, regulations, and laws.
* These security procedures are to carried out to protect systems and services, monitor them for any security breaches and suspicious activities, identity verification, authorization validation, permission checks; detect any faults, errors, or breaches; reporting any suspicious activity, and placing a hold on an individual's account, delete or de-activate the account, block or catch hold of an attacker, hacker, intruder, trespasser, etc.

* Security Guidelines:
* It is a set of instructions, a self-assessment guide, and a checklist, in general, helping and letting the users know as to what to do and what not to do with respect to security.
* These are not mandatory actions to be carried out but, can be considered as best practices, and tips and tricks and not following this will not result in any legal and disciplinary action on the individual.
* It is written as suggestions and pieces of advice to help users guide them in their actions.