This page was exported from IT Certification Exam Braindumps [ http://blog.braindumpsit.com ]
Export date: Sat Apr 5 2:17:45 2025 / +0000 GMT
___________________________________________________
Title: [May 12, 2024] Get New GCCC Certification – Valid Exam Dumps Questions [Q38-Q60]
---------------------------------------------------

100% Passing Guarantee - Brilliant GCCC Exam Questions PDF

GIAC GCCC certification is considered a valuable credential in the IT security industry. It is recognized by employers and organizations worldwide as a standard of excellence in the field of critical security controls. GIAC Critical Controls Certification (GCCC) certification demonstrates that the candidate has the skills and expertise necessary to implement and manage critical security controls, and that they are committed to maintaining the highest level of security within their organization.

NEW QUESTION 38
What is the list displaying?
- Allowed program in a software inventory application
- Unauthorized programs detected in a software inventory
- Missing patches from a patching server
- Installed software on an end-user device

NEW QUESTION 39
Which of the following actions will assist an organization specifically with implementing web application software security?
- Making sure that all hosts are patched during regularly scheduled maintenance
- Providing end-user security training to both internal staff and vendors
- Establishing network activity baselines among public-facing servers
- Having a plan to scan vulnerabilities of an application prior to deployment

NEW QUESTION 40
To effectively implement the Data Protection CIS Control, which task needs to be implemented first?
- The organization’s proprietary data needs to be encrypted
- Employees need to be notified that proprietary data should be protected
- The organization’s proprietary data needs to be identified
- Appropriate file content matching needs to be configured

NEW QUESTION 41
DHCP logging output in the screenshot would be used for which of the following?
- Enforcing port-based network access control to prevent unauthorized devices on the network.
- Identifying new connections to maintain an up-to-date inventory of devices on the network.
- Detecting malicious activity by compromised or unauthorized devices on the network.
- Providing ping sweep results to identify live network hosts for vulnerability scanning.

NEW QUESTION 42
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?
- Control which devices can connect to the network
- Passively identify new devices
- Inventory offline databases
- Actively identify new servers

NEW QUESTION 43
Which project enumerates or maps security issues to CVE?
- CIS Controls
- SCAP
- ISO 2700
- NIST

NEW QUESTION 44
An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?
- Host-based firewall sends alerts when packets are sent to a closed port
- Network Intrusion Prevention sends alerts when RST packets are received
- Network Intrusion Detection devices send alerts when signatures are updated
- Host-based anti-virus sends alerts to a central security console

NEW QUESTION 45
Implementing which of the following will decrease spoofed e-mail messages?
- Finger Protocol
- Sender Policy Framework
- Network Address Translation
- Internet Message Access Protocol

NEW QUESTION 46
Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?
- Procedure for authorizing remote server access
- Procedure for modifying file permissions
- Procedure for adjusting network share permissions
- Procedure for setting and resetting user passwords

NEW QUESTION 47
An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.
- The blue team is adequately protecting the network
- There are too many internal penetration tests being conducted
- The methods the red team is using are not effectively testing the network
- The red team is improving their capability to measure network security

NEW QUESTION 48
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?
- How long does it take to identify new unauthorized listening ports on the network systems
- How long does it take to remove unauthorized software from the organization’s systems
- What percentage of the organization’s applications are using sandboxing products
- What percentage of assets will have their settings enforced and redeployed
- What percentage of systems in the organization are using Network Level Authentication (NLA)

NEW QUESTION 49
An administrator looking at a web application’s log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.
* ROOT
* TEST
* ADMIN
* SQL
* USER
* NAGIOSGUEST
What is the most likely source of this event?
- An IT administrator attempting to use outdated credentials to enter the site
- An attempted Denial of Service attack by locking out administrative accounts
- An automated tool that attempts to use a dictionary attack to infiltrate a website
- An attempt to use SQL Injection to gain information from a web-connected database

NEW QUESTION 50
Which of the following is a requirement in order to implement the principle of least privilege?
- Mandatory Access Control (MAC)
- Data normalization
- Data classification
- Discretionary Access Control (DAC)

NEW QUESTION 51
An organization is implementing an application software security control for their custom-written code that provides web-based database access to sales partners. Which action will help mitigate the risk of the application being compromised?
- Providing the source code for their web application to existing sales partners
- Identifying high-risk assets that are on the same network as the web application server
- Creating signatures for their IDS to detect attacks specific to their web application
- Logging the connection requests to the web application server from outside hosts

NEW QUESTION 52
What is a zero-day attack?
- An attack that has a known attack signature but no available patch
- An attack that utilizes a vulnerability unknown to the software developer
- An attack that deploys at the end of a countdown sequence
- An attack that is launched the day the patch is released

NEW QUESTION 53
An Internet retailer’s database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
- Configure the DMZ firewall to block unnecessary service
- Install host integrity monitoring software
- Install updated anti-virus software
- Configure the database to run with lower privileges

NEW QUESTION 54
Why is it important to enable event log storage on a system immediately after it is installed?
- To allow the system to be restored to a known good state if it is compromised
- To create the ability to separate abnormal behavior from normal behavior during an incident
- To compare its performance with other systems already on the network
- To identify root kits included on the system out of the box

NEW QUESTION 55
Which approach is recommended by the CIS Controls for performing penetration tests?
- Document a single vulnerability per system
- Utilize a single attack vector at a time
- Complete intrusive tests on test systems
- Execute all tests during network maintenance windows

NEW QUESTION 56
What is a recommended defense for the CIS Control for Application Software Security?
- Keep debugging code in production web applications for quick troubleshooting
- Limit access to the web application production environment to just the developers
- Run a dedicated vulnerability scanner against backend databases
- Display system error messages for only non-kernel related events

NEW QUESTION 57
An attacker is able to successfully access a web application as root using ‘ or 1 = 1 . as the password. The successful access indicates a failure of what process?
- Input Validation
- Output Sanitization
- URL Encoding
- Account Management

NEW QUESTION 58
IDS alerts at Service Industries are received by email. A typical day processes over 300 emails with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?
- Tune the IDS rules to decrease false positives.
- Increase the number of staff responsible for processing IDS alerts.
- Change the alert method from email to text message.
- Configure the IDS alerts to only alert on high priority systems.

NEW QUESTION 59
The settings in the screenshot would be configured as part of which CIS Control?
- Application Software Security
- Inventory and Control of Hardware Assets
- Account Monitoring and Control
- Controlled Use of Administrative Privileges

NEW QUESTION 60
If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?
- Mimikatz
- OpenVAS
- Metasploit

Free GCCC braindumps download: https://www.braindumpsit.com/GCCC_real-exam.html
---------------------------------------------------
Post date: 2024-05-12 09:51:44
Post date GMT: 2024-05-12 09:51:44
Post modified date: 2024-05-12 09:51:44
Post modified date GMT: 2024-05-12 09:51:44