Recommended guest OS for security

See here: Debian-10-minimal Configuration

and here: automate debian-minimal based template creation