Skip to content
Log in

Clean baseline

Definition

A confirmed, verified system state that predates the compromise and is free from attacker artefacts. Establishing a clean baseline is the starting point of any recovery. It may come from a validated backup, a golden image, or a rebuilt system configured from source.

Related terms

Dependency mapping
The process of identifying all services, systems, and data flows that a given system depends on, and all systems that depend on...
Observation window
A defined period after a system is restored during which enhanced monitoring is applied before the system is declared fully recovered. The...
Recovery Point Objective (RPO)
The maximum acceptable amount of data loss measured in time. It defines how far back in time the organisation is willing to...
Recovery Time Objective (RTO)
The maximum acceptable duration of downtime before a system must be restored to service. RTO drives decisions about recovery method: a short...
Rollback plan
A documented procedure for reverting a recovery attempt if it fails or introduces new problems. A rollback plan specifies trigger conditions, the...

Explained in

  • Safe System Recovery and RestorationA confirmed, verified system state that predates the compromise and is free from attacker artefacts. Establishing a clean baseline is the starting point of any...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account