Which assessment type checks the security configuration compliance state of a group of endpoints?

The correct choice, Compliance, focuses specifically on evaluating the security configuration of endpoints to determine if they meet predetermined standards or policies. Compliance assessments review the configurations of systems against industry benchmarks, organizational policies, or regulatory requirements. This involves checking settings such as password policies, installed software versions, and other security measures to ensure that they align with best practices and compliance frameworks.

This assessment type is critical for organizations that need to ensure their systems are secure and compliant with various regulations, as it helps identify any deviations from required security postures. The findings from compliance assessments guide organizations in remediating security gaps and improving their overall security posture.

Other options, such as Findings or Vulnerability assessments, serve different purposes. Findings reports analyze the results of assessments but do not specifically check compliance states. Vulnerability assessments focus on identifying and categorizing vulnerabilities in systems rather than confirming adherence to security configurations. Network unauthenticated vulnerability assessments evaluate exposure to risks from an unauthenticated standpoint but, again, do not directly assess compliance with security configurations. Thus, the Compliance assessment type is the most appropriate choice for checking security configuration compliance states.