[Q52-Q73] Dumps for Free GIAC GCCC Practice Exam Questions [Nov 10, 2024]

November 10, 2024 admin 0 Comments

Rate this post

Dumps for Free GIAC GCCC Practice Exam Questions [Nov 10, 2024]

GCCC Dumps PDF And Certification Training

The GIAC Critical Controls Certification (GCCC) certification exam is designed for professionals with at least five years of experience in the field of cybersecurity. Candidates must demonstrate their knowledge of critical security controls, risk management, and compliance frameworks, and their ability to implement and manage these controls effectively.

Q52. Which of the following should be used to test antivirus software?

FIPS 140-2

Code Red

Heartbleed

EICAR

Q53. Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?

Controlled Use of Administrative Privilege

Account Monitoring and Control

Data Protection

Penetration Tests and Red Team Exercises

Q54. What is the business goal of the Inventory and Control of Software Assets Control?

Only authorized software should be installed on the agency ‘s c omput er s ys t ems

All software conforms to licensing requirements for the business

Accurate software versions are captured to enable patching

Accurate software versions and counts are documented for licensing updates

Q55. When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?

Log management system

802.1x authentication systems

Data classification and access baselines

PII data scanner

Q56. What is a recommended defense for the CIS Control for Application Software Security?

Keep debugging code in production web applications for quick troubleshooting

Limit access to the web application production environment to just the developers

Run a dedicated vulnerability scanner against backend databases

Display system error messages for only non-kernel related events

Q57. Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

Controlled Access Based on the Need to Know

Limitation and Control of Network Ports, Protocols and Services

Email and Web Browser Protections

Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

Q58. A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?

Organize files according to the user that created them and allow the user to determine permissions

Divide the documents into confidential, internal, and public folders, and ser permissions on each folder

Set user roles by job or position, and create permission by role for each file

Divide the documents by department and set permissions on each departmental folder

Q59. Which of the following is a responsibility of a change management board?

Reviewing log files for unapproved changes

Approving system baseline configurations.

Providing recommendations for the changes

Reviewing configuration of the documents

Q60. Allied services have recently purchased NAC devices to detect and prevent non-company owned devices from attaching to their internal wired and wireless network. Corporate devices will be automatically added to the approved device list by querying Active Directory for domain devices. Non-approved devices will be placed on a protected VLAN with no network access. The NAC also offers a web portal that can be integrated with Active Directory to allow for employee device registration which will not be utilized in this deployment.
Which of the following recommendations would make NAC installation more secure?

Enforce company configuration standards for personal mobile devices

Configure Active Directory to push an updated inventory to the NAC daily

Disable the web portal device registration service

Change the wireless password following the NAC implementation

Q61. What is the first step suggested before implementing any single CIS Control?

Develop an effectiveness test

Perform a gap analysis

Perform a vulnerability scan

Develop a roll-out schedule

Q62. Which of the following statements is appropriate in an incident response report?

There had been a storm on September 27th that may have caused a power surge

The registry entry was modified on September 29th at 22:37

The attacker may have been able to access the systems due to missing KB2965111

The backup process may have failed at 2345 due to lack of available bandwidth

Q63. Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?

Multi-Factor Authentication Standard

Network Traffic/Service Baseline

Network Device Configuration Baselines

Network Information Flow

Q64. An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?

Check for packets going from the Internet to the Web server

Try to send email from a wireless guest account

Check for packages going from the web server to the user workstations

Try to access the internal network from the wireless router

Q65. Janice is auditing the perimeter of the network at Sugar Water InC. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?

Receive spam from a known bad domain

Receive mail at Sugar Water Inc. account using Outlook as a mail client

Successfully deliver mail from another host inside the network directly to an external contact

Successfully deliver mail from web client using another host inside the network to an external contact.

Q66. Which approach is recommended by the CIS Controls for performing penetration tests?

Document a single vulnerability per system

Utilize a single attack vector at a time

Complete intrusive tests on test systems

Execute all tests during network maintenance windows

Q67. Dragonfly Industries requires firewall rules to go through a change management system before they are configured. Review the change management log. Which of the following lines in your firewall ruleset has expired and should be removed from the configuration?

access-list outbound permit tcp host 10.1.1.7 any eq smtp

access-list outbound deny tcp any host 74.125.228.2 eq www

access-list inbound permit tcp 8.8.0.0 0.0.0.255 10.10.12.252 eq 8080

access-list inbound permit tcp host 8.8.207.97 host 10.10.12.100 eq ssh

Q68. An organization has failed a test for compliance with a policy of continual detection and removal of malicious software on its network. Which of the following errors is the root cause?

A host ran malicious software that exploited a vulnerability for which there was no patch

The security console alerted when a host anti-virus ran whitelisted software

The intrusion prevention system failed to update to the newest signature list

A newly discovered vulnerability was not detected by the intrusion detection system

Q69. An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

Configuring a firewall to only allow communication to whitelisted hosts and ports

Using Network access control to disable communication by hosts with viruses

Disabling autorun features on all workstations on the network

Training users to recognize potential phishing attempts

Q70. What is a zero-day attack?

An attack that has a known attack signature but no available patch

An attack that utilizes a vulnerability unknown to the software developer

An attack that deploys at the end of a countdown sequence

An attack that is launched the day the patch is released

Q71. After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?

Document the port number and request approval from a change control group

Redirect traffic to and from the software management port to a non-default port

Block TCP 23456 at the network perimeter firewall

Determine which service controls the software management function and opens the port, and disable it

Q72. Why is it important to enable event log storage on a system immediately after it is installed?

To allow system to be restored to a known good state if it is compromised

To create the ability to separate abnormal behavior from normal behavior during an incident

To compare it performance with other systems already on the network

To identify root kits included on the system out of the box

Q73. Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

How long does it take to identify new unauthorized listening ports on the network systems

How long does it take to remove unauthorized software from the organization’s systems

What percentage of the organization’s applications are using sandboxing products

What percentage of assets will have their settings enforced and redeployed

What percentage of systems in the organization are using Network Level Authentication (NLA)

Loading …

Check your preparation for GIAC GCCC On-Demand Exam: https://www.topexamcollection.com/GCCC-vce-collection.html

GCCC Practice Tests

[Q52-Q73] Dumps for Free GIAC GCCC Practice Exam Questions [Nov 10, 2024]

Related Certifications

GCFA
GCCC
GSEC
GPEN