Pass the GIAC Cyber Security GCCC Questions and answers with CertsForce

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Question # 11:

Acme Corporation performed an investigation of its centralized logging capabilities. It found that the central server is missing several types of logs from three servers in Acme's inventory. Given these findings, what is the most appropriate next step?

Options:

A. Define processes to manually review logs for the problem servers
B. Restart or reinstall the logging service on each of the problem servers
C. Perform analysis to identify the source of the logging problems
D. Document the missing logs in the core evaluation report as a minor issue


Question # 12:

Which of the following is a benefit of stress-testing a network?

Options:

A. To determine device behavior in a DoS condition.
B. To determine bandwidth needs for the network.
C. To determine the connectivity of the network
D. To determine the security configurations of the network


Question # 13:

An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

Options:

A. Configure the DMZ firewall to block unnecessary service
B. Install host integrity monitoring software
C. Install updated anti-virus software
D. Configure the database to run with lower privileges


Question # 14:

What is the first step suggested before implementing any single CIS Control?

Options:

A. Develop an effectiveness test
B. Perform a gap analysis
C. Perform a vulnerability scan
D. Develop a roll-out schedule


Question # 15:

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

[Image: Question # 15]

Options:

A. Controlled Access Based on the Need to Know
B. Limitation and Control of Network Ports, Protocols and Services
C. Email and Web Browser Protections
D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.


Question # 16:

The settings in the screenshot would be configured as part of which CIS Control?

[Image: Question # 16]

Options:

A. Application Software Security
B. Inventory and Control of Hardware Assets
C. Account Monitoring and Control
D. Controlled Use of Administrative Privileges


Question # 17:

Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?

Options:

A. Software Whitelisting System
B. System Configuration Enforcement System
C. Patch Management System
D. Penetration Testing System


Question # 18:

Which of the following statements is appropriate in an incident response report?

Options:

A. There had been a storm on September 27th that may have caused a power surge
B. The registry entry was modified on September 29th at 22:37
C. The attacker may have been able to access the systems due to missing KB2965111
D. The backup process may have failed at 2345 due to lack of available bandwidth


Question # 19:

Which type of scan is best able to determine if user workstations are missing any important patches?

Options:

A. A network vulnerability scan using aggressive scanning
B. A source code scan
C. A port scan using banner grabbing
D. A web application/database scan
E. A vulnerability scan using valid credentials


Question # 20:

An administrator looking at a web application’s log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.

    ROOT
    TEST
    ADMIN
    SQL
    USER
    NAGIOSGUEST

What is the most likely source of this event?

Options:

A. An IT administrator attempting to use outdated credentials to enter the site
B. An attempted Denial of Service attack by locking out administrative accounts
C. An automated tool that attempts to use a dictionary attack to infiltrate a website
D. An attempt to use SQL Injection to gain information from a web-connected database

