Exam Details

  • Exam Code: GCCC
  • Exam Name: GCCC - GIAC Critical Controls Certification (GCCC)
  • Certification: Cyber Security
  • Vendor: GIAC
  • Total Questions: 93 Q&As
  • Last Updated: May 13, 2024

GIAC Cyber Security GCCC Questions & Answers

  • Question 11:

    An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

    A. Force the root account to only be accessible from the system console.

    B. Turn on SELinux and user process accounting for the MySQL server.

    C. Force user accounts to use `sudo` for privileged use.

    D. Blacklist client applications from being run in privileged mode.

  • Question 12:

    Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?

    A. The loghost is missing logs from 3 servers in the inventory

    B. The loghost is receiving logs from hosts with different timezone values

    C. The loghost time is out-of-sync with an external host

    D. The loghost is receiving out-of-sync logs from undocumented servers

  • Question 13:

    An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing an attack?

    A. Configuring a firewall to only allow communication to whitelisted hosts and ports

    B. Using Network access control to disable communication by hosts with viruses

    C. Disabling autorun features on all workstations on the network

    D. Training users to recognize potential phishing attempts

  • Question 14:

    Based on the data shown below.

    Which wireless access point has the manufacturer default settings still in place?

    A. Starbucks

    B. Linksys

    C. Hhonors

    D. Interwebz

  • Question 15:

    The settings in the screenshot would be configured as part of which CIS Control?

    A. Application Software Security

    B. Inventory and Control of Hardware Assets

    C. Account Monitoring and Control

    D. Controlled Use of Administrative Privileges

  • Question 16:

    What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

    A. Control which devices can connect to the network

    B. Passively identify new devices

    C. Inventory offline databases

    D. Actively identify new servers

  • Question 17:

    Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?

    A. A method of device scanning

    B. A centralized time server

    C. An up-to-date hardening guide

    D. An inventory of unauthorized assets

  • Question 18:

    What is a zero-day attack?

    A. An attack that has a known attack signature but no available patch

    B. An attack that utilizes a vulnerability unknown to the software developer

    C. An attack that deploys at the end of a countdown sequence

    D. An attack that is launched the day the patch is released

  • Question 19:

    How can the results of automated network configuration scans be used to improve the security of the network?

    A. Reports can be sent to the CIO for performance benchmarks

    B. Results can be provided to network engineers as actionable feedback

    C. Scanners can correct network configuration issues

    D. Results can be included in audit evidence failures

  • Question 20:

    An analyst investigated unused organizational accounts. The investigation found that:

    - 10% of accounts still have their initial login password, indicating they were never used

    - 10% of accounts have not been used in over six months

    Which change in policy would mitigate the security risk associated with both findings?

    A. Users are required to change their password at the next login after three months

    B. Accounts must have passwords of at least 8 characters, with one number or symbol

    C. Accounts without login activity for 15 days are automatically locked
