  • Exam Name: GIAC Critical Controls Certification (GCCC)
  • Last Update: Apr 24, 2024
  • Questions and Answers: 93

GCCC Practice Exam Questions with Answers: GIAC Critical Controls Certification (GCCC)

Question # 6

Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?

A. Controlled Use of Administrative Privilege

B. Account Monitoring and Control

C. Data Protection

D. Penetration Tests and Red Team Exercises

Question # 7

Executive management approved the storage of sensitive data on smartphones and tablets as long as they were encrypted. Later a vulnerability was announced at an information security conference that allowed attackers to bypass the device’s authentication process, making the data accessible. The smartphone manufacturer said it would take six months for the vulnerability to be fixed and distributed through the cellular carriers. Four months after the vulnerability was announced, an employee lost his tablet and the sensitive information became public.

What was the failure that led to the information being lost?

A. There was no risk acceptance review after the risk changed

B. The employees failed to maintain their devices at the most current software version

C. Vulnerability scans were not done to identify the devices that were at risk

D. Management had not insured against the possibility of the information being lost

Question # 8

Implementing which of the following will decrease spoofed e-mail messages?

A. Finger Protocol

B. Sender Policy Framework

C. Network Address Translation

D. Internet Message Access Protocol

Question # 9

What is a recommended defense for the CIS Control for Application Software Security?

A. Keep debugging code in production web applications for quick troubleshooting

B. Limit access to the web application production environment to just the developers

C. Run a dedicated vulnerability scanner against backend databases

D. Display system error messages for only non-kernel related events

Question # 10

Which of the options below will do the most to reduce an organization’s attack surface on the internet?

A. Deploy an access control list on the perimeter router and limit inbound ICMP messages to echo requests only

B. Deploy antivirus software on internet-facing hosts, and ensure that the signatures are updated regularly

C. Ensure that rotation of duties is used with employees in order to compartmentalize the most important tasks

D. Ensure only necessary services are running on Internet-facing hosts, and that they are hardened according to best practices

Question # 11

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

[Screenshot of the firewall configuration settings; image not included]

A. Controlled Access Based on the Need to Know

B. Limitation and Control of Network Ports, Protocols and Services

C. Email and Web Browser Protections

D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches

Question # 12

Which activity increases the risk of a malware infection?

A. Charging a smartphone using a computer USB port

B. Editing webpages with a Linux system

C. Reading email using a plain text email client

D. Online banking in Incognito mode

Question # 13

What is the list displaying?

[Image of the list referenced in the question; image not included]

A. Allowed program in a software inventory application

B. Unauthorized programs detected in a software inventory

C. Missing patches from a patching server

D. Installed software on an end-user device
