[Nov 26, 2021] New Real GCCC Exam Dumps Questions [Q22-Q42]

Share

[Nov 26, 2021] New Real GCCC Exam Dumps Questions

Pass Your GCCC Exam Easily with Accurate GIAC Critical Controls Certification (GCCC) PDF Questions


GIAC GCCC Exam Syllabus Topics:

TopicDetails
Topic 1
  • Secure Configurations for Hardware and Software
  • Continuous Vulnerability Management
Topic 2
  • Inventory and Control of Hardware Assets
  • Malware Defenses
Topic 3
  • Penetration Tests and Red Team Exercises
  • Controlled Use of Administrative Privileges
Topic 4
  • Incident Response and Management
  • Background, History, Purpose & Implementation of the 20 CC
Topic 5
  • Implement a Security Awareness and Training Program
  • Controlled Access Based on the Need to Know
Topic 6
  • Secure Configurations for Network Devices
  • Application Software Security
Topic 7
  • Limitation and Control of Network Ports
  • Wireless Access Control
Topic 8
  • Inventory and Control of Software Assets
  • Boundary Defense
Topic 9
  • Email & Web Browser Protections
  • Data Recovery Capability
  • Data Protection
Topic 11
  • Maintenance, Monitoring, and Analysis of Audit Logs
  • Account Monitoring and Control

 

NEW QUESTION 22
An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

  • A. Training users to recognize potential phishing attempts
  • B. Using Network access control to disable communication by hosts with viruses
  • C. Configuring a firewall to only allow communication to whitelisted hosts and ports
  • D. Disabling autorun features on all workstations on the network

Answer: B

 

NEW QUESTION 23
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

  • A. What percentage of systems in the organization are using Network Level Authentication (NLA)
  • B. How long does it take to identify new unauthorized listening ports on the network systems
  • C. What percentage of assets will have their settings enforced and redeployed
  • D. What percentage of the organization's applications are using sandboxing products
  • E. How long does it take to remove unauthorized software from the organization's systems

Answer: C

 

NEW QUESTION 24
Which type of scan is best able to determine if user workstations are missing any important patches?

  • A. A network vulnerability scan using aggressive scanning
  • B. A port scan using banner grabbing
  • C. A web application/database scan
  • D. A source code scan
  • E. A vulnerability scan using valid credentials

Answer: E

 

NEW QUESTION 25
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?

  • A. 802.1x authentication systems
  • B. Data classification and access baselines
  • C. Log management system
  • D. PII data scanner

Answer: A

 

NEW QUESTION 26
Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?

  • A. An up-to-date hardening guide
  • B. A centralized time server
  • C. An inventory of unauthorized assets
  • D. A method of device scanning

Answer: D

 

NEW QUESTION 27
What documentation should be gathered and reviewed for evaluating an Incident Response program?

  • A. NIST Cybersecurity Framework
  • B. Results from security training assessments
  • C. Policy and Procedures
  • D. Staff member interviews

Answer: C

 

NEW QUESTION 28
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?

  • A. Controlled Use of Administrative Privilege
  • B. Data Protection
  • C. Account Monitoring and Control
  • D. Penetration Tests and Red Team Exercises

Answer: D

 

NEW QUESTION 29
A security incident investigation identified the following modified version of a legitimate system file on a compromised client:
C:\Windows\System32\winxml.dll Addition Jan. 16, 2014 4:53:11 PM
The infection vector was determined to be a vulnerable browser plug-in installed by the user. Which of the organization's CIS Controls failed?

  • A. Application Software Security
  • B. Maintenance, Monitoring, and Analysis of Audit Logs
  • C. Inventory and Control of Software Assets
  • D. Inventory and Control of Hardware Assets

Answer: C

 

NEW QUESTION 30
What is a recommended defense for the CIS Control for Application Software Security?

  • A. Display system error messages for only non-kernel related events
  • B. Limit access to the web application production environment to just the developers
  • C. Keep debugging code in production web applications for quick troubleshooting
  • D. Run a dedicated vulnerability scanner against backend databases

Answer: D

 

NEW QUESTION 31
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?

  • A. Block TCP 23456 at the network perimeter firewall
  • B. Document the port number and request approval from a change control group
  • C. Determine which service controls the software management function and opens the port, and disable it
  • D. Redirect traffic to and from the software management port to a non-default port

Answer: C

 

NEW QUESTION 32
An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?

  • A. Check the log entries to match privilege use with access from authorized users.
  • B. Run a script at intervals to identify processes running with administrative privilege.
  • C. Force the root account to only be accessible from the system console.

Answer: B

 

NEW QUESTION 33
Which of the following will decrease the likelihood of eavesdropping on a wireless network?

  • A. Using EAP/TLS authentication and WPA2 with AES encryption
  • B. Broadcasting in the 5Ghz frequency
  • C. Using Wired Equivalent Protocol (WEP)
  • D. Putting the wireless network on a separate VLAN

Answer: A

 

NEW QUESTION 34
Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?

  • A. Network Traffic/Service Baseline
  • B. Network Information Flow
  • C. Multi-Factor Authentication Standard
  • D. Network Device Configuration Baselines

Answer: B

 

NEW QUESTION 35
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

  • A. Actively identify new servers
  • B. Control which devices can connect to the network
  • C. Passively identify new devices
  • D. Inventory offline databases

Answer: A

 

NEW QUESTION 36
What is the first step suggested before implementing any single CIS Control?

  • A. Perform a gap analysis
  • B. Develop a roll-out schedule
  • C. Perform a vulnerability scan
  • D. Develop an effectiveness test

Answer: A

 

NEW QUESTION 37
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?

  • A. Configure all data center systems to use GMT time
  • B. Synchronize between Seattle and New York, and use local time for London and Tokyo
  • C. Configure all systems to use their default time settings
  • D. Configure all data center systems to use local time

Answer: D

 

NEW QUESTION 38
Which of the following actions produced the output seen below?

  • A. An access rule was added to firewallrules.txt
  • B. An access rule was removed from firewallrules2.txt
  • C. An access rule was added to firewallrules2.txt
  • D. An access rule was removed from firewallrules.txt

Answer: C

 

NEW QUESTION 39
John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?

  • A. Develop a unique encryption scheme
  • B. Disable software-level encryption to increase speed of transfer
  • C. Enable encryption if it 's not enabled by default

Answer: C

 

NEW QUESTION 40
Which of the following assigns a number indicating the severity of a discovered software vulnerability?

  • A. CVE
  • B. CPE
  • C. CVSS
  • D. CCE

Answer: C

 

NEW QUESTION 41
Which of the following is a benefit of stress-testing a network?

  • A. To determine device behavior in a DoS condition.
  • B. To determine the security configurations of the network
  • C. To determine bandwidth needs for the network.
  • D. To determine the connectivity of the network

Answer: A

 

NEW QUESTION 42
......

GCCC Certification Exam Dumps Questions in here: https://drive.google.com/open?id=1vi1tkfSnoIswndExJo1Ca2rW2RV65fHx

Updated GCCC Exam Practice Test Questions: https://www.actual4cert.com/GCCC-real-questions.html