New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

GCCC GIAC Critical Controls Certification (GCCC) Questions and Answers

Questions 4

Which type of scan is best able to determine if user workstations are missing any important patches?

Options:

A.

A network vulnerability scan using aggressive scanning

B.

A source code scan

C.

A port scan using banner grabbing

D.

A web application/database scan

E.

A vulnerability scan using valid credentials

Buy Now
Questions 5

Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?

Options:

A.

The loghost is missing logs from 3 servers in the inventory

B.

The loghost is receiving logs from hosts with different timezone values

C.

The loghost time is out-of-sync with an external host

D.

The loghost is receiving out-of-sync logs from undocumented servers

Buy Now
Questions 6

If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?

Options:

A.

Mimikatz

B.

OpenVAS

C.

Metasploit

Buy Now
Questions 7

Allied services have recently purchased NAC devices to detect and prevent non-company owned devices from attaching to their internal wired and wireless network. Corporate devices will be automatically added to the approved device list by querying Active Directory for domain devices. Non-approved devices will be placed on a protected VLAN with no network access. The NAC also offers a web portal that can be integrated with Active Directory to allow for employee device registration which will not be utilized in this deployment. Which of the following recommendations would make NAC installation more secure?

Options:

A.

Enforce company configuration standards for personal mobile devices

B.

Configure Active Directory to push an updated inventory to the NAC daily

C.

Disable the web portal device registration service

D.

Change the wireless password following the NAC implementation

Buy Now
Questions 8

How can the results of automated network configuration scans be used to improve the security of the network?

Options:

A.

Reports can be sent to the CIO for performance benchmarks

B.

Results can be provided to network engineers as actionable feedback

C.

Scanners can correct network configurations issues

D.

Results can be included in audit evidence failures

Buy Now
Questions 9

During a security audit which test should result in a source packet failing to reach its intended destination?

Options:

A.

A new connection request from the Internet is sent to a host on the company ’s internal net work

B.

A packet originating from the company’s DMZ is sent to a host on the company’s internal network

C.

A new connection request from the internet is sent to the company’s DNS server

D.

A packet originating from the company’s internal network is sent to the company’s DNS server

Buy Now
Questions 10

An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?

Options:

A.

Host-based firewall sends alerts when packets are sent to a closed port

B.

Network Intrusion Prevention sends alerts when RST packets are received

C.

Network Intrusion Detection devices sends alerts when signatures are updated

D.

Host-based anti-virus sends alerts to a central security console

Buy Now
Questions 11

John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?

Options:

A.

Enable encryption if it ’s not enabled by default

B.

Disable software-level encryption to increase speed of transfer

C.

Develop a unique encryption scheme

Buy Now
Questions 12

What is a recommended defense for the CIS Control for Application Software Security?

Options:

A.

Keep debugging code in production web applications for quick troubleshooting

B.

Limit access to the web application production environment to just the developers

C.

Run a dedicated vulnerability scanner against backend databases

D.

Display system error messages for only non-kernel related events

Buy Now
Questions 13

What is an organization’s goal in deploying a policy to encrypt all mobile devices?

Options:

A.

Enabling best practices for the protection of their software licenses

B.

Providing their employees, a secure method of connecting to the corporate network C. Controlling unauthorized access to sensitive information

C.

Applying the principle of defense in depth to their mobile devices

Buy Now
Exam Code: GCCC
Exam Name: GIAC Critical Controls Certification (GCCC)
Last Update: Dec 27, 2024
Questions: 93
GCCC pdf

GCCC PDF

$25.5  $84.99
GCCC Engine

GCCC Testing Engine

$30  $99.99
GCCC PDF + Engine

GCCC PDF + Testing Engine

$40.5  $134.99