[Q38-Q59] PASS GCCC exam with GIAC Real Exam Questions - 100% Valid!

Share

PASS GCCC exam with GIAC Real Exam Questions - 100% Valid!

Actual GCCC Exam Recently Updated Questions with Free Demo


The GCCC certification is a globally recognized certification that validates the knowledge and skills of information security professionals in implementing critical security controls. GIAC Critical Controls Certification (GCCC) certification is offered by the Global Information Assurance Certification (GIAC), a leading provider of cybersecurity certifications. GIAC is known for providing practical and relevant certifications that are designed to meet the needs of cybersecurity professionals.


GIAC GCCC certification exam is a rigorous and challenging test, designed to assess the candidate's understanding of critical security controls and their ability to implement and manage them effectively. GCCC exam consists of 150 multiple-choice questions, and candidates have four hours to complete it. The questions are designed to test the candidate's understanding of the critical security controls framework, as well as their ability to apply the concepts to real-world scenarios. Passing the exam requires a score of at least 71%, and those who pass are awarded the GIAC GCCC certification, which is recognized as a valuable credential in the security industry.

 

NEW QUESTION # 38
An organization has created a policy that allows software from an approved list of applications to be installed on workstations. Programs not on the list should not be installed. How can the organization best monitor compliance with the policy?

  • A. Performing regular port scans of workstations on the network
  • B. Auditing Active Directory and alerting when new accounts are created
  • C. Creating an IDS signature to alert based on unknown "User-Agent " strings
  • D. Comparing system snapshots and alerting when changes are made

Answer: C


NEW QUESTION # 39
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?

  • A. Configure all systems to use their default time settings
  • B. Synchronize between Seattle and New York, and use local time for London and Tokyo
  • C. Configure all data center systems to use GMT time
  • D. Configure all data center systems to use local time

Answer: D


NEW QUESTION # 40
Scan 1 was taken on Monday. Scan 2 was taken of the same network on Wednesday. Which of the following findings is accurate based on the information contained in the scans?

  • A. The host located at 192.168.177.7 is no longer on the network
  • B. The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network
  • C. The host located at 192.168.177.21 is a new host on the network
  • D. The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change

Answer: D


NEW QUESTION # 41
Which of the following will decrease the likelihood of eavesdropping on a wireless network?

  • A. Broadcasting in the 5Ghz frequency
  • B. Using Wired Equivalent Protocol (WEP)
  • C. Putting the wireless network on a separate VLAN
  • D. Using EAP/TLS authentication and WPA2 with AES encryption

Answer: D


NEW QUESTION # 42
The settings in the screenshot would be configured as part of which CIS Control?

  • A. Account Monitoring and Control
  • B. Controlled Use of Administrative Privileges
  • C. Application Software Security
  • D. Inventory and Control of Hardware Assets

Answer: D


NEW QUESTION # 43
What is the list displaying?

  • A. Missing patches from a patching server
  • B. Installed software on an end-user device
  • C. Unauthorized programs detected in a software inventory
  • D. Allowed program in a software inventory application

Answer: D


NEW QUESTION # 44
Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?

  • A. Penetration Testing System
  • B. Software Whitelisting System
  • C. System Configuration Enforcement System
  • D. Patch Management System

Answer: D


NEW QUESTION # 45
What is a recommended defense for the CIS Control for Application Software Security?

  • A. Run a dedicated vulnerability scanner against backend databases
  • B. Keep debugging code in production web applications for quick troubleshooting
  • C. Display system error messages for only non-kernel related events
  • D. Limit access to the web application production environment to just the developers

Answer: A


NEW QUESTION # 46
Acme Corporation performed an investigation of its centralized logging capabilities. It found that the central server is missing several types of logs from three servers in Acme's inventory. Given these findings, what is the most appropriate next step?

  • A. Restart or reinstall the logging service on each of the problem servers
  • B. Document the missing logs in the core evaluation report as a minor issue
  • C. Perform analysis to identify the source of the logging problems
  • D. Define processes to manually review logs for the problem servers

Answer: C


NEW QUESTION # 47
What is a zero-day attack?

  • A. An attack that utilizes a vulnerability unknown to the software developer
  • B. An attack that is launched the day the patch is released
  • C. An attack that has a known attack signature but no available patch
  • D. An attack that deploys at the end of a countdown sequence

Answer: A


NEW QUESTION # 48
John a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network. Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?

  • A. Shorten the DHCP lease time
  • B. Limit access to allowed MAC addresses
  • C. Change the password immediately
  • D. Increase the size of the DHCP pool

Answer: C


NEW QUESTION # 49
To effectively implement the Data Protection CIS Control, which task needs to be implemented first?

  • A. The organization's proprietary data needs to be identified
  • B. Employees need to be notified that proprietary data should be protected
  • C. The organization's proprietary data needs to be encrypted
  • D. Appropriate file content matching needs to be configured

Answer: A


NEW QUESTION # 50
What documentation should be gathered and reviewed for evaluating an Incident Response program?

  • A. NIST Cybersecurity Framework
  • B. Policy and Procedures
  • C. Staff member interviews
  • D. Results from security training assessments

Answer: B


NEW QUESTION # 51
An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.

  • A. The blue team is adequately protecting the network
  • B. The red team is improving their capability to measure network security
  • C. The methods the red team is using are not effectively testing the network
  • D. There are too many internal penetration tests being conducted

Answer: C


NEW QUESTION # 52
Which of the following is a benefit of stress-testing a network?

  • A. To determine bandwidth needs for the network.
  • B. To determine the connectivity of the network
  • C. To determine device behavior in a DoS condition.
  • D. To determine the security configurations of the network

Answer: C


NEW QUESTION # 53
Which of the following assigns a number indicating the severity of a discovered software vulnerability?

  • A. CCE
  • B. CVE
  • C. CPE
  • D. CVSS

Answer: D


NEW QUESTION # 54
An analyst investigated unused organizational accounts. The investigation found that:
-10% of accounts still have their initial login password, indicating they were never used
-10% of accounts have not been used in over six months
Which change in policy would mitigate the security risk associated with both findings?

  • A. Accounts without login activity for 15 days are automatically locked
  • B. Accounts must have passwords of at least 8 characters, with one number or symbol
  • C. Users are required to change their password at the next login after three months

Answer: A


NEW QUESTION # 55
An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack.
The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

  • A. Install host integrity monitoring software
  • B. Configure the DMZ firewall to block unnecessary service
  • C. Install updated anti-virus software
  • D. Configure the database to run with lower privileges

Answer: D


NEW QUESTION # 56
Beta corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed. Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next steps?

  • A. Keep the files in the log archives synchronized with another location.
  • B. Encrypt the log files with an asymmetric key and remove the cleartext version.
  • C. Install a tier one timeserver on the network to keep log devices synchronized.
  • D. Store the files read-only and keep hashes of the logs separately.

Answer: D


NEW QUESTION # 57
What is an organization's goal in deploying a policy to encrypt all mobile devices?

  • A. Applying the principle of defense in depth to their mobile devices
  • B. Controlling unauthorized access to sensitive information
  • C. Providing their employees, a secure method of connecting to the corporate network
  • D. Enabling best practices for the protection of their software licenses

Answer: B


NEW QUESTION # 58
Which CIS Control includes storing system images on a hardened server, scanning production systems for out-of-date software, and using file integrity assessment tools like tripwire?

  • A. Inventory of Authorized and Unauthorized Software
  • B. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  • C. Continuous Vulnerability Management
  • D. Secure Configurations for Network Devices such as Firewalls, Routers and Switches

Answer: B


NEW QUESTION # 59
......

GCCC Free Sample Questions to Practice One Year Update: https://www.passleader.top/GIAC/GCCC-exam-braindumps.html

Free GIAC GCCC Exam Questions: https://drive.google.com/open?id=1oQL1DyGNDkbjChns7HQDC-o6z5tzOOCe