[Nov 26, 2021] New Real GCCC Exam Dumps Questions
Pass Your GCCC Exam Easily with Accurate GIAC Critical Controls Certification (GCCC) PDF Questions
GIAC GCCC Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 11 |
|
NEW QUESTION 22
An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?
- A. Training users to recognize potential phishing attempts
- B. Using Network access control to disable communication by hosts with viruses
- C. Configuring a firewall to only allow communication to whitelisted hosts and ports
- D. Disabling autorun features on all workstations on the network
Answer: B
NEW QUESTION 23
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?
- A. What percentage of systems in the organization are using Network Level Authentication (NLA)
- B. How long does it take to identify new unauthorized listening ports on the network systems
- C. What percentage of assets will have their settings enforced and redeployed
- D. What percentage of the organization's applications are using sandboxing products
- E. How long does it take to remove unauthorized software from the organization's systems
Answer: C
NEW QUESTION 24
Which type of scan is best able to determine if user workstations are missing any important patches?
- A. A network vulnerability scan using aggressive scanning
- B. A port scan using banner grabbing
- C. A web application/database scan
- D. A source code scan
- E. A vulnerability scan using valid credentials
Answer: E
NEW QUESTION 25
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?
- A. 802.1x authentication systems
- B. Data classification and access baselines
- C. Log management system
- D. PII data scanner
Answer: A
NEW QUESTION 26
Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?
- A. An up-to-date hardening guide
- B. A centralized time server
- C. An inventory of unauthorized assets
- D. A method of device scanning
Answer: D
NEW QUESTION 27
What documentation should be gathered and reviewed for evaluating an Incident Response program?
- A. NIST Cybersecurity Framework
- B. Results from security training assessments
- C. Policy and Procedures
- D. Staff member interviews
Answer: C
NEW QUESTION 28
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?
- A. Controlled Use of Administrative Privilege
- B. Data Protection
- C. Account Monitoring and Control
- D. Penetration Tests and Red Team Exercises
Answer: D
NEW QUESTION 29
A security incident investigation identified the following modified version of a legitimate system file on a compromised client:
C:\Windows\System32\winxml.dll Addition Jan. 16, 2014 4:53:11 PM
The infection vector was determined to be a vulnerable browser plug-in installed by the user. Which of the organization's CIS Controls failed?
- A. Application Software Security
- B. Maintenance, Monitoring, and Analysis of Audit Logs
- C. Inventory and Control of Software Assets
- D. Inventory and Control of Hardware Assets
Answer: C
NEW QUESTION 30
What is a recommended defense for the CIS Control for Application Software Security?
- A. Display system error messages for only non-kernel related events
- B. Limit access to the web application production environment to just the developers
- C. Keep debugging code in production web applications for quick troubleshooting
- D. Run a dedicated vulnerability scanner against backend databases
Answer: D
NEW QUESTION 31
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?
- A. Block TCP 23456 at the network perimeter firewall
- B. Document the port number and request approval from a change control group
- C. Determine which service controls the software management function and opens the port, and disable it
- D. Redirect traffic to and from the software management port to a non-default port
Answer: C
NEW QUESTION 32
An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?
- A. Check the log entries to match privilege use with access from authorized users.
- B. Run a script at intervals to identify processes running with administrative privilege.
- C. Force the root account to only be accessible from the system console.
Answer: B
NEW QUESTION 33
Which of the following will decrease the likelihood of eavesdropping on a wireless network?
- A. Using EAP/TLS authentication and WPA2 with AES encryption
- B. Broadcasting in the 5Ghz frequency
- C. Using Wired Equivalent Protocol (WEP)
- D. Putting the wireless network on a separate VLAN
Answer: A
NEW QUESTION 34
Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?
- A. Network Traffic/Service Baseline
- B. Network Information Flow
- C. Multi-Factor Authentication Standard
- D. Network Device Configuration Baselines
Answer: B
NEW QUESTION 35
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?
- A. Actively identify new servers
- B. Control which devices can connect to the network
- C. Passively identify new devices
- D. Inventory offline databases
Answer: A
NEW QUESTION 36
What is the first step suggested before implementing any single CIS Control?
- A. Perform a gap analysis
- B. Develop a roll-out schedule
- C. Perform a vulnerability scan
- D. Develop an effectiveness test
Answer: A
NEW QUESTION 37
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?
- A. Configure all data center systems to use GMT time
- B. Synchronize between Seattle and New York, and use local time for London and Tokyo
- C. Configure all systems to use their default time settings
- D. Configure all data center systems to use local time
Answer: D
NEW QUESTION 38
Which of the following actions produced the output seen below?
- A. An access rule was added to firewallrules.txt
- B. An access rule was removed from firewallrules2.txt
- C. An access rule was added to firewallrules2.txt
- D. An access rule was removed from firewallrules.txt
Answer: C
NEW QUESTION 39
John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?
- A. Develop a unique encryption scheme
- B. Disable software-level encryption to increase speed of transfer
- C. Enable encryption if it 's not enabled by default
Answer: C
NEW QUESTION 40
Which of the following assigns a number indicating the severity of a discovered software vulnerability?
- A. CVE
- B. CPE
- C. CVSS
- D. CCE
Answer: C
NEW QUESTION 41
Which of the following is a benefit of stress-testing a network?
- A. To determine device behavior in a DoS condition.
- B. To determine the security configurations of the network
- C. To determine bandwidth needs for the network.
- D. To determine the connectivity of the network
Answer: A
NEW QUESTION 42
......
GCCC Certification Exam Dumps Questions in here: https://drive.google.com/open?id=1vi1tkfSnoIswndExJo1Ca2rW2RV65fHx
Updated GCCC Exam Practice Test Questions: https://www.actual4cert.com/GCCC-real-questions.html