[May 12, 2024] Get New GCCC Certification – Valid Exam Dumps Questions [Q38-Q60]

Rate this post

[May 12, 2024] Get New GCCC Certification – Valid Exam Dumps Questions

100% Passing Guarantee – Brilliant GCCC Exam Questions PDF

GIAC GCCC certification is considered a valuable credential in the IT security industry. It is recognized by employers and organizations worldwide as a standard of excellence in the field of critical security controls. GIAC Critical Controls Certification (GCCC) certification demonstrates that the candidate has the skills and expertise necessary to implement and manage critical security controls, and that they are committed to maintaining the highest level of security within their organization.

NEW QUESTION 38
What is the list displaying?

Allowed program in a software inventory application

Unauthorized programs detected in a software inventory

Missing patches from a patching server

Installed software on an end-user device

NEW QUESTION 39
Which of the following actions will assist an organization specifically with implementing web application software security?

Making sure that all hosts are patched during regularly scheduled maintenance

Providing end-user security training to both internal staff and vendors

Establishing network activity baselines among public-facing servers

Having a plan to scan vulnerabilities of an application prior to deployment

NEW QUESTION 40
To effectively implement the Data Protection CIS Control, which task needs to be implemented first?

The organization’s proprietary data needs to be encrypted

Employees need to be notified that proprietary data should be protected

The organization’s proprietary data needs to be identified

Appropriate file content matching needs to be configured

NEW QUESTION 41
DHCP logging output in the screenshot would be used for which of the following?

Enforcing port-based network access control to prevent unauthorized devices on the network.

Identifying new connections to maintain an up-to-date inventory of devices on the network.

Detecting malicious activity by compromised or unauthorized devices on the network.

Providing ping sweep results to identify live network hosts for vulnerability scanning.

NEW QUESTION 42
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

Control which devices can connect to the network

Passively identify new devices

Inventory offline databases

Actively identify new servers

NEW QUESTION 43
Which projects enumerates or maps security issues to CVE?

CIS Controls

SCAP

ISO 2700

NIST

NEW QUESTION 44
An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?

Host-based firewall sends alerts when packets are sent to a closed port

Network Intrusion Prevention sends alerts when RST packets are received

Network Intrusion Detection devices sends alerts when signatures are updated

Host-based anti-virus sends alerts to a central security console

NEW QUESTION 45
Implementing which of the following will decrease spoofed e-mail messages?

Finger Protocol

Sender Policy Framework

Network Address Translation

Internet Message Access Protocol

NEW QUESTION 46
Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?

Procedure for authorizing remote server access

Procedure for modifying file permissions

Procedure for adjusting network share permissions

Procedure for setting and resetting user passwords

NEW QUESTION 47
An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.

The blue team is adequately protecting the network

There are too many internal penetration tests being conducted

The methods the red team is using are not effectively testing the network

The red team is improving their capability to measure network security

NEW QUESTION 48
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

How long does it take to identify new unauthorized listening ports on the network systems

How long does it take to remove unauthorized software from the organization’s systems

What percentage of the organization’s applications are using sandboxing products

What percentage of assets will have their settings enforced and redeployed

What percentage of systems in the organization are using Network Level Authentication (NLA)

NEW QUESTION 49
An administrator looking at a web application’s log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.
* ROOT
* TEST
* ADMIN
* SQL
* USER
* NAGIOSGUEST
What is the most likely source of this event?

An IT administrator attempting to use outdated credentials to enter the site

An attempted Denial of Service attack by locking out administrative accounts

An automated tool that attempts to use a dictionary attack to infiltrate a website

An attempt to use SQL Injection to gain information from a web-connected database

NEW QUESTION 50
Which of the following is a requirement in order to implement the principle of least privilege?

Mandatory Access Control (MAC)

Data normalization

Data classification

Discretionary Access Control (DAC)

NEW QUESTION 51
An organization is implementing an application software security control their custom-written code that provides web-based database access to sales partners. Which action will help mitigate the risk of the application being compromised?

Providing the source code for their web application to existing sales partners

Identifying high-risk assets that are on the same network as the web application server

Creating signatures for their IDS to detect attacks specific to their web application

Logging the connection requests to the web application server from outside hosts

NEW QUESTION 52
What is a zero-day attack?

An attack that has a known attack signature but no available patch

An attack that utilizes a vulnerability unknown to the software developer

An attack that deploys at the end of a countdown sequence

An attack that is launched the day the patch is released

NEW QUESTION 53
An Internet retailer’s database was recently exploited by a foreign criminal organization via a remote attack.
The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

Configure the DMZ firewall to block unnecessary service

Install host integrity monitoring software

Install updated anti-virus software

Configure the database to run with lower privileges

NEW QUESTION 54
Why is it important to enable event log storage on a system immediately after it is installed?

To allow system to be restored to a known good state if it is compromised

To create the ability to separate abnormal behavior from normal behavior during an incident

To compare it performance with other systems already on the network

To identify root kits included on the system out of the box

NEW QUESTION 55
Which approach is recommended by the CIS Controls for performing penetration tests?

Document a single vulnerability per system

Utilize a single attack vector at a time

Complete intrusive tests on test systems

Execute all tests during network maintenance windows

NEW QUESTION 56
What is a recommended defense for the CIS Control for Application Software Security?

Keep debugging code in production web applications for quick troubleshooting

Limit access to the web application production environment to just the developers

Run a dedicated vulnerability scanner against backend databases

Display system error messages for only non-kernel related events

NEW QUESTION 57
An attacker is able to successfully access a web application as root using ‘ or 1 = 1 . as the password. The successful access indicates a failure of what process?

Input Validation

Output Sanitization

URL Encoding

Account Management

NEW QUESTION 58
IDS alerts at Service Industries are received by email. A typical day process over 300 emails with fewer than
50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts.
What should be done to prevent this from recurring?

Tune the IDS rules to decrease false positives.

Increase the number of staff responsible for processing IDS alerts.

Change the alert method from email to text message.

Configure the IDS alerts to only alert on high priority systems.

NEW QUESTION 59
The settings in the screenshot would be configured as part of which CIS Control?