A baseline is a standard or reference point that is used to measure and compare the current state of a system or process. A baseline can be established for various aspects of a system, such as performance, security, configuration, functionality, or quality. A baseline can help to identify deviations, anomalies, or changes that occur over time, and to evaluate the impact of those changes on the system or process. A baseline can also help to restore a system or process to its original or desired state, by providing a reference for corrective actions. In this case, the organization has experienced repeated occurrences of system configurations becoming incorrect over time, which can affect the security, reliability, and functionality of the systems. After implementing corrections on all system configurations across the enterprise, the CISO purchased an automated tool that will monitor system configurations and identify any deviations. In the future, the organization should use a baseline to identify incorrectly configured systems, by comparing the current system configurations with the baseline system configurations that were established after the corrections. A baseline can help the organization to detect and prevent configuration drift, which is the gradual but unintentional divergence of a system's actual configuration settings from its secure baseline configuration. A baseline can also help the organization to apply configuration management, which is the process of planning, identifying, controlling, and verifying the configuration of a system or process throughout its lifecycle. Reference: CompTIA Cloud Essentials+ CLO-002 Study Guide, Chapter 4: Cloud Security, Section 4.2: Cloud Security Concepts, Page 153. What a Baseline Configuration Is and How to Prevent Configuration Drift - Netwrix1 Configuration Baselines - AcqNotes2