GIAC GCCC Questions and Answers Guarantee You Pass the Test Easily
Share Latest GCCC DUMP with 95 Questions and Answers
The GIAC GCCC certification exam covers a wide range of topics, including the implementation and maintenance of the Critical Security Controls, risk management, vulnerability assessment, incident response, and compliance. The GCCC exam is divided into three sections and consists of 115 questions designed to test the candidate's knowledge, skills, and abilities in these areas.
NEW QUESTION # 25
As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?
- A. The website does not respond to a SYN packet for 30 minutes
- B. The logfiles of the webserver are rotated and archived
- C. The number of website hits is higher than the daily average
- D. The website issues a RST to a client after the connection is idle
Answer: A
NEW QUESTION # 26
What is a zero-day attack?
- A. An attack that is launched the day the patch is released
- B. An attack that deploys at the end of a countdown sequence
- C. An attack that utilizes a vulnerability unknown to the software developer
- D. An attack that has a known attack signature but no available patch
Answer: C
NEW QUESTION # 27
Which of the following is a responsibility of a change management board?
- A. Providing recommendations for the changes
- B. Reviewing configuration of the documents
- C. Approving system baseline configurations.
- D. Reviewing log files for unapproved changes
Answer: C
NEW QUESTION # 28
Janice is auditing the perimeter of the network at Sugar Water Inc. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?
- A. Successfully deliver mail from another host inside the network directly to an external contact
- B. Successfully deliver mail from a web client using another host inside the network to an external contact.
- C. Receive spam from a known bad domain
- D. Receive mail at Sugar Water Inc. account using Outlook as a mail client
Answer: A
NEW QUESTION # 29
Which of the following is a benefit of stress-testing a network?
- A. To determine the connectivity of the network
- B. To determine bandwidth needs for the network.
- C. To determine the security configurations of the network
- D. To determine device behavior in a DoS condition.
Answer: D
NEW QUESTION # 30
Beta Corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed. Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next step?
- A. Store the files read-only and keep hashes of the logs separately.
- B. Keep the files in the log archives synchronized with another location.
- C. Install a tier one timeserver on the network to keep log devices synchronized.
- D. Encrypt the log files with an asymmetric key and remove the cleartext version.
Answer: A
NEW QUESTION # 31
An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?
- A. Check for packets going from the Internet to the Web server
- B. Try to send email from a wireless guest account
- C. Try to access the internal network from the wireless router
- D. Check for packages going from the web server to the user workstations
Answer: C
NEW QUESTION # 32
An analyst investigated unused organizational accounts. The investigation found that:
- 10% of accounts still have their initial login password, indicating they were never used
- 10% of accounts have not been used in over six months
Which change in policy would mitigate the security risk associated with both findings?
- A. Accounts must have passwords of at least 8 characters, with one number or symbol
- B. Accounts without login activity for 15 days are automatically locked
- C. Users are required to change their password at the next login after three months
Answer: B
NEW QUESTION # 33
DHCP logging output in the screenshot would be used for which of the following?
- A. Detecting malicious activity by compromised or unauthorized devices on the network.
- B. Enforcing port-based network access control to prevent unauthorized devices on the network.
- C. Providing ping sweep results to identify live network hosts for vulnerability scanning.
- D. Identifying new connections to maintain an up-to-date inventory of devices on the network.
Answer: D
NEW QUESTION # 34
Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?
- A. Limitation and Control of Network Ports, Protocols and Services
- B. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.
- C. Controlled Access Based on the Need to Know
- D. Email and Web Browser Protections
Answer: D
NEW QUESTION # 35
Which of the following is a reliable way to test backed up data?
- A. Restore the data to a system
- B. Compare data hashes of backed up data to original systems
- C. Confirm the backup service is running at the proper time
- D. Verify the file size of the backup
Answer: A
NEW QUESTION # 36
Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls she has a dedicated host (kenya-adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenya-adminbox?
- A. 10.10.10.33.443
- B. 10.10.245.3389
- C. Firewall_charon.jane.org.22
- D. Mail.jane.org.25
Answer: D
NEW QUESTION # 37
If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?
- A. OpenVAS
- B. Mimikatz
- C. Metasploit
Answer: C
NEW QUESTION # 38
What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?
- A. Ngrep
- B. Netscreen
- C. CIS-CAT
- D. Zenmap
Answer: D
NEW QUESTION # 39
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?
- A. Log management system
- B. PII data scanner
- C. Data classification and access baselines
- D. 802.1x authentication systems
Answer: D
NEW QUESTION # 40
Based on the data shown below.
Which wireless access point has the manufacturer default settings still in place?
- A. Interwebz
- B. Linksys
- C. Starbucks
- D. Hhonors
Answer: B
NEW QUESTION # 41
What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?
- A. Deployment diagram
- B. Class diagram
- C. Package diagram
- D. Use case diagram
Answer: C
NEW QUESTION # 42
Executive management approved the storage of sensitive data on smartphones and tablets as long as they were encrypted. Later a vulnerability was announced at an information security conference that allowed attackers to bypass the device's authentication process, making the data accessible. The smartphone manufacturer said it would take six months for the vulnerability to be fixed and distributed through the cellular carriers. Four months after the vulnerability was announced, an employee lost his tablet and the sensitive information became public.
What was the failure that led to the information being lost?
- A. The employees failed to maintain their devices at the most current software version
- B. Vulnerability scans were not done to identify the devices that were at risk
- C. There was no risk acceptance review after the risk changed
- D. Management had not insured against the possibility of the information being lost
Answer: C
NEW QUESTION # 43
Which of the following archiving methods would maximize log integrity?
- A. DVD-R
- B. Magnetic Tape
- C. CD-RW
- D. USB flash drive
Answer: A
NEW QUESTION # 44
Which of the following assigns a number indicating the severity of a discovered software vulnerability?
- A. CVSS
- B. CVE
- C. CPE
- D. CCE
Answer: A
NEW QUESTION # 45
Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?
- A. The loghost is receiving out-of-sync logs from undocumented servers
- B. The loghost is missing logs from 3 servers in the inventory
- C. The loghost time is out-of-sync with an external host
- D. The loghost is receiving logs from hosts with different timezone values
Answer: A