[Dec 19, 2023] New GIAC GCCC Dumps with Test Engine and PDF (New Questions)
Pass Your GCCC Exam Easily - Real GCCC Practice Dump Updated
The GIAC Critical Controls Certification (GCCC) exam is designed for professionals with at least five years of experience in the field of cybersecurity. Candidates must demonstrate their knowledge of critical security controls, risk management, and compliance frameworks, and their ability to implement and manage these controls effectively.
NEW QUESTION # 16
An auditor is validating the policies and procedures for an organization with respect to a control for Data Recovery. The organization's control states they will completely back up critical servers weekly, with incremental backups every four hours. Which action will best verify success of the policy?
- A. Restore the critical server data from backup and see if data is missing
- B. Select a random file from a critical server and verify it is present in a backup set
- C. Check the backup logs from the critical servers and verify there are no errors
- D. Verify that the backup media cannot be read without the encryption key
Answer: A
NEW QUESTION # 17
Which of the following archiving methods would maximize log integrity?
- A. DVD-R
- B. USB flash drive
- C. Magnetic Tape
- D. CD-RW
Answer: A
NEW QUESTION # 18
During a security audit, which test should result in a source packet failing to reach its intended destination?
- A. A new connection request from the internet is sent to the company's DNS server
- B. A packet originating from the company's DMZ is sent to a host on the company's internal network
- C. A packet originating from the company's internal network is sent to the company's DNS server
- D. A new connection request from the Internet is sent to a host on the company's internal network
Answer: D
NEW QUESTION # 19
According to attack lifecycle models, what is the attacker's first step in compromising an organization?
- A. Exploitation
- B. Privilege Escalation
- C. Initial Compromise
- D. Reconnaissance
Answer: D
NEW QUESTION # 20
As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?
- A. The logfiles of the webserver are rotated and archived
- B. The number of website hits is higher than the daily average
- C. The website issues a RST to a client after the connection is idle
- D. The website does not respond to a SYN packet for 30 minutes
Answer: D
NEW QUESTION # 21
An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?
- A. Turn on SELinux and user process accounting for the MySQL server.
- B. Blacklist client applications from being run in privileged mode.
- C. Force user accounts to use 'sudo' for privileged use.
- D. Force the root account to only be accessible from the system console.
Answer: C
NEW QUESTION # 22
A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.
Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator's account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?
- A. Maintenance, Monitoring, and Analysis of Audit Logs
- B. Incident Response and Management
- C. Controlled Use of Administrative Privilege
- D. Account Monitoring and Control
Answer: B
NEW QUESTION # 23
Which of the following actions would best mitigate against phishing attempts such as the example below?
- A. Recommending against the use of Google Docs
- B. Having employees complete user awareness training
- C. Establishing email filters to block no-reply address emails
- D. Making web filters to prevent accessing Google Docs
Answer: B
NEW QUESTION # 24
Janice is auditing the perimeter of the network at Sugar Water Inc. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?
- A. Receive spam from a known bad domain
- B. Receive mail at Sugar Water Inc. account using Outlook as a mail client
- C. Successfully deliver mail from web client using another host inside the network to an external contact.
- D. Successfully deliver mail from another host inside the network directly to an external contact
Answer: D
NEW QUESTION # 25
Which of the following will decrease the likelihood of eavesdropping on a wireless network?
- A. Using EAP/TLS authentication and WPA2 with AES encryption
- B. Using Wired Equivalent Protocol (WEP)
- C. Putting the wireless network on a separate VLAN
- D. Broadcasting in the 5 GHz frequency
Answer: A
NEW QUESTION # 26
What is the relationship between a service and its associated port?
- A. A service opens the port and listens for network traffic
- B. A service sets limits on the volume of traffic sent through the port
- C. A service closes a port after a period of inactivity
- D. A service relies on the port to select the protocol
Answer: A
NEW QUESTION # 27
What is the business goal of the Inventory and Control of Software Assets Control?
- A. Only authorized software should be installed on the agency's computer systems
- B. Accurate software versions are captured to enable patching
- C. Accurate software versions and counts are documented for licensing updates
- D. All software conforms to licensing requirements for the business
Answer: A
NEW QUESTION # 28
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?
- A. 802.1x authentication systems
- B. Data classification and access baselines
- C. Log management system
- D. PII data scanner
Answer: A
NEW QUESTION # 29
Which of the following items would be used reactively for incident response?
- A. A script used to verify patches are installed on systems
- B. An IPS rule that prevents web access from international locations
- C. A phone tree used to contact necessary personnel
- D. A schedule for creating and storing backup
Answer: C
NEW QUESTION # 30
An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack.
The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
- A. Install updated anti-virus software
- B. Configure the database to run with lower privileges
- C. Install host integrity monitoring software
- D. Configure the DMZ firewall to block unnecessary service
Answer: B
NEW QUESTION # 31
A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?
- A. Set user roles by job or position, and create permission by role for each file
- B. Organize files according to the user that created them and allow the user to determine permissions
- C. Divide the documents into confidential, internal, and public folders, and set permissions on each folder
- D. Divide the documents by department and set permissions on each departmental folder
Answer: C
NEW QUESTION # 32
An auditor is focusing on potential vulnerabilities. Which of the following should cause an alert?
- A. Windows host with an uptime of 382 days
- B. Fully patched guest machine that is not in the asset inventory
- C. Server that has zero browser plug-ins
- D. Workstation on which a domain admin has never logged in
Answer: A
NEW QUESTION # 33
Which of the options below will do the most to reduce an organization's attack surface on the internet?
- A. Ensure only necessary services are running on Internet-facing hosts, and that they are hardened according to best practices
- B. Ensure that rotation of duties is used with employees in order to compartmentalize the most important tasks
- C. Deploy an access control list on the perimeter router and limit inbound ICMP messages to echo requests only
- D. Deploy antivirus software on internet-facing hosts, and ensure that the signatures are updated regularly
Answer: A
NEW QUESTION # 34
What is a zero-day attack?
- A. An attack that utilizes a vulnerability unknown to the software developer
- B. An attack that has a known attack signature but no available patch
- C. An attack that is launched the day the patch is released
- D. An attack that deploys at the end of a countdown sequence
Answer: A
NEW QUESTION # 35
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?
- A. Data Protection
- B. Controlled Use of Administrative Privilege
- C. Penetration Tests and Red Team Exercises
- D. Account Monitoring and Control
Answer: C
NEW QUESTION # 36
Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?
- A. Penetration Testing System
- B. Software Whitelisting System
- C. System Configuration Enforcement System
- D. Patch Management System
Answer: D
NEW QUESTION # 37
......