Exam Details

  • Exam Code: GCCC
  • Exam Name: GCCC - GIAC Critical Controls Certification (GCCC)
  • Certification: Cyber Security
  • Vendor: GIAC
  • Total Questions: 93 Q&As
  • Last Updated: May 13, 2024

GIAC Cyber Security GCCC Questions & Answers

  • Question 31:

    Why is it important to enable event log storage on a system immediately after it is installed?

    A. To allow the system to be restored to a known good state if it is compromised

    B. To create the ability to separate abnormal behavior from normal behavior during an incident

    C. To compare its performance with other systems already on the network

    D. To identify root kits included on the system out of the box

  • Question 32:

    Which of the following can be enabled on a Linux-based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?

    A. ASLR

    B. Tripwire

    C. SUID

    D. Iptables

    E. TCP Wrappers

  • Question 33:

    IDS alerts at Service Industries are received by email. On a typical day, over 300 emails are processed, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts.

    What should be done to prevent this from recurring?

    A. Tune the IDS rules to decrease false positives.

    B. Increase the number of staff responsible for processing IDS alerts.

    C. Change the alert method from email to text message.

    D. Configure the IDS alerts to only alert on high priority systems.

  • Question 34:

    An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?

    A. Host-based firewall sends alerts when packets are sent to a closed port

    B. Network Intrusion Prevention sends alerts when RST packets are received

    C. Network Intrusion Detection devices send alerts when signatures are updated

    D. Host-based anti-virus sends alerts to a central security console

  • Question 35:

    Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

    A. Controlled Access Based on the Need to Know

    B. Limitation and Control of Network Ports, Protocols and Services

    C. Email and Web Browser Protections

    D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

  • Question 36:

    Which of the following will decrease the likelihood of eavesdropping on a wireless network?

    A. Broadcasting in the 5 GHz frequency

    B. Using Wired Equivalent Protocol (WEP)

    C. Using EAP/TLS authentication and WPA2 with AES encryption

    D. Putting the wireless network on a separate VLAN

  • Question 37:

    An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.

    A. The blue team is adequately protecting the network

    B. There are too many internal penetration tests being conducted

    C. The methods the red team is using are not effectively testing the network

    D. The red team is improving their capability to measure network security

  • Question 38:

    Which of the following assigns a number indicating the severity of a discovered software vulnerability?

    A. CPE

    B. CVE

    C. CCE

    D. CVSS

  • Question 39:

    Which of the following actions will assist an organization specifically with implementing web application software security?

    A. Making sure that all hosts are patched during regularly scheduled maintenance

    B. Providing end-user security training to both internal staff and vendors

    C. Establishing network activity baselines among public-facing servers

    D. Having a plan to scan vulnerabilities of an application prior to deployment

  • Question 40:

    How often should the security awareness program be communicated to employees?

    A. Continuously

    B. Annually

    C. Monthly

    D. At orientation and review times
