GIAC GCCC Practice Test Pdf Exam Material [Q49-Q74]


GCCC Answers GCCC Free Demo Are Based On The Real Exam


GIAC GCCC Exam Syllabus Topics:

Topic | Details
Topic 1
  • Secure Configurations for Hardware and Software
  • Continuous Vulnerability Management
Topic 2
  • Implement a Security Awareness and Training Program
  • Controlled Access Based on the Need to Know
Topic 3
  • Maintenance, Monitoring, and Analysis of Audit Logs
  • Account Monitoring and Control
Topic 4
  • Inventory and Control of Hardware Assets
  • Malware Defenses
Topic 5
  • Incident Response and Management
  • Background, History, Purpose & Implementation of the 20 CC
Topic 6
  • Penetration Tests and Red Team Exercises
  • Controlled Use of Administrative Privileges

 

NEW QUESTION 49
What is an organization's goal in deploying a policy to encrypt all mobile devices?

  • A. Applying the principle of defense in depth to their mobile devices
  • B. Enabling best practices for the protection of their software licenses
  • C. Controlling unauthorized access to sensitive information
  • D. Providing their employees a secure method of connecting to the corporate network

Answer: C

 

NEW QUESTION 50
Why is it important to enable event log storage on a system immediately after it is installed?

  • A. To create the ability to separate abnormal behavior from normal behavior during an incident
  • B. To identify root kits included on the system out of the box
  • C. To compare its performance with other systems already on the network
  • D. To allow the system to be restored to a known good state if it is compromised

Answer: A

 

NEW QUESTION 51
How can the results of automated network configuration scans be used to improve the security of the network?

  • A. Reports can be sent to the CIO for performance benchmarks
  • B. Results can be provided to network engineers as actionable feedback
  • C. Scanners can correct network configuration issues
  • D. Results can be included in audit evidence failures

Answer: B

 

NEW QUESTION 52
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?

  • A. Synchronize between Seattle and New York, and use local time for London and Tokyo
  • B. Configure all data center systems to use local time
  • C. Configure all data center systems to use GMT time
  • D. Configure all systems to use their default time settings

Answer: B

 

NEW QUESTION 53
Scan 1 was taken on Monday. Scan 2 was taken of the same network on Wednesday. Which of the following findings is accurate based on the information contained in the scans?

  • A. The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change
  • B. The host located at 192.168.177.21 is a new host on the network
  • C. The host located at 192.168.177.7 is no longer on the network
  • D. The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network

Answer: A

 

NEW QUESTION 54
To effectively implement the Data Protection CIS Control, which task needs to be implemented first?

  • A. The organization's proprietary data needs to be encrypted
  • B. Employees need to be notified that proprietary data should be protected
  • C. The organization's proprietary data needs to be identified
  • D. Appropriate file content matching needs to be configured

Answer: C

 

NEW QUESTION 55
What documentation should be gathered and reviewed for evaluating an Incident Response program?

  • A. Policy and Procedures
  • B. Results from security training assessments
  • C. Staff member interviews
  • D. NIST Cybersecurity Framework

Answer: A

 

NEW QUESTION 56
How does an organization's hardware inventory support the control for secure configurations?

  • A. It provides a list of unauthorized devices on the network
  • B. It identifies the life cycle of manufacturer support for hardware devices
  • C. It provides a list of managed devices that should be secured
  • D. It provides the MAC addresses for insecure network adapters

Answer: C

 

NEW QUESTION 57
Which of the following actions will assist an organization specifically with implementing web application software security?

  • A. Having a plan to scan vulnerabilities of an application prior to deployment
  • B. Providing end-user security training to both internal staff and vendors
  • C. Establishing network activity baselines among public-facing servers
  • D. Making sure that all hosts are patched during regularly scheduled maintenance

Answer: A

 

NEW QUESTION 58
An organization is implementing an application software security control for their custom-written code that provides web-based database access to sales partners. Which action will help mitigate the risk of the application being compromised?

  • A. Providing the source code for their web application to existing sales partners
  • B. Logging the connection requests to the web application server from outside hosts
  • C. Creating signatures for their IDS to detect attacks specific to their web application
  • D. Identifying high-risk assets that are on the same network as the web application server

Answer: C

 

NEW QUESTION 59
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

  • A. What percentage of the organization's applications are using sandboxing products
  • B. How long does it take to identify new unauthorized listening ports on the network systems
  • C. What percentage of systems in the organization are using Network Level Authentication (NLA)
  • D. How long does it take to remove unauthorized software from the organization's systems
  • E. What percentage of assets will have their settings enforced and redeployed

Answer: E

 

NEW QUESTION 60
Given the audit finding below, which CIS Control was being measured?

  • A. Controlled Use of Administrative Privilege
  • B. Inventory and Control of Hardware Assets
  • C. Controlled Access Based on the Need to Know
  • D. Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
  • E. Limitation and Control of Network Ports, Protocols and Services

Answer: A

 

NEW QUESTION 61
Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

  • A. Email and Web Browser Protections
  • B. Controlled Access Based on the Need to Know
  • C. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.
  • D. Limitation and Control of Network Ports, Protocols and Services

Answer: A

 

NEW QUESTION 62
What is the list displaying?

  • A. Missing patches from a patching server
  • B. Allowed program in a software inventory application
  • C. Unauthorized programs detected in a software inventory
  • D. Installed software on an end-user device

Answer: B

 

NEW QUESTION 63
Which of the following assigns a number indicating the severity of a discovered software vulnerability?

  • A. CVSS
  • B. CCE
  • C. CPE
  • D. CVE

Answer: A

 

NEW QUESTION 64
What is the business goal of the Inventory and Control of Software Assets Control?

  • A. Accurate software versions and counts are documented for licensing updates
  • B. All software conforms to licensing requirements for the business
  • C. Only authorized software should be installed on the agency's computer systems
  • D. Accurate software versions are captured to enable patching

Answer: C

 

NEW QUESTION 65
An organization is implementing a control for the Account Monitoring and Control CIS Control, and has set the Account Lockout Policy as shown below. What is the risk presented by these settings?

  • A. Once accounts are locked, they cannot be unlocked.
  • B. Password length and complexity will be automatically reduced.
  • C. Legitimate users could be unable to access resources.
  • D. Brute-force password attacks could be more effective.

Answer: C

 

NEW QUESTION 66
During a security audit, which test should result in a source packet failing to reach its intended destination?

  • A. A new connection request from the Internet is sent to a host on the company's internal network
  • B. A packet originating from the company's DMZ is sent to a host on the company's internal network
  • C. A new connection request from the internet is sent to the company's DNS server
  • D. A packet originating from the company's internal network is sent to the company's DNS server

Answer: A

 

NEW QUESTION 67
IDS alerts at Service Industries are received by email. On a typical day, over 300 emails are processed, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?

  • A. Increase the number of staff responsible for processing IDS alerts.
  • B. Change the alert method from email to text message.
  • C. Configure the IDS alerts to only alert on high priority systems.
  • D. Tune the IDS rules to decrease false positives.

Answer: D

 

NEW QUESTION 68
Which of the following archiving methods would maximize log integrity?

  • A. CD-RW
  • B. Magnetic Tape
  • C. USB flash drive
  • D. DVD-R

Answer: D

 

NEW QUESTION 69
Which of the following actions produced the output seen below?

  • A. An access rule was added to firewallrules.txt
  • B. An access rule was added to firewallrules2.txt
  • C. An access rule was removed from firewallrules.txt
  • D. An access rule was removed from firewallrules2.txt

Answer: B

 

NEW QUESTION 70
Which of the following is a responsibility of a change management board?

  • A. Reviewing log files for unapproved changes
  • B. Providing recommendations for the changes
  • C. Reviewing configuration of the documents
  • D. Approving system baseline configurations.

Answer: D

 

NEW QUESTION 71
An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.

  • A. There are too many internal penetration tests being conducted
  • B. The red team is improving their capability to measure network security
  • C. The blue team is adequately protecting the network
  • D. The methods the red team is using are not effectively testing the network

Answer: D

 

NEW QUESTION 72
Which of the following is a requirement in order to implement the principle of least privilege?

  • A. Mandatory Access Control (MAC)
  • B. Data normalization
  • C. Data classification
  • D. Discretionary Access Control (DAC)

Answer: C

 

NEW QUESTION 73
An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control. Which action should they take when they discover that an application running on a web server is no longer needed?

  • A. Uninstall the application providing the service
  • B. Block the protocol for the unneeded service at the firewall
  • C. Create an access list on the router to filter traffic to the host
  • D. Turn the service off in the host configuration files

Answer: A

 

NEW QUESTION 74
......

GCCC [Jan-2022] Newly Released Exam Questions For You To Pass: https://www.actual4labs.com/GIAC/GCCC-actual-exam-dumps.html

GIAC GCCC Exam: Basic Questions With Answers: https://drive.google.com/open?id=1f8HXyy2RLcewG1_VMfsWpZdFGyiHkm0L 
