[2024] Use Valid New GCCC Test Notes & GCCC Valid Exam Guide
GCCC Actual Questions Answers PDF 100% Cover Real Exam Questions
NEW QUESTION # 54
An organization has created a policy that allows software from an approved list of applications to be installed on workstations. Programs not on the list should not be installed. How can the organization best monitor compliance with the policy?
- A. Performing regular port scans of workstations on the network
- B. Auditing Active Directory and alerting when new accounts are created
- C. Comparing system snapshots and alerting when changes are made
- D. Creating an IDS signature to alert based on unknown "User-Agent" strings
Answer: D
NEW QUESTION # 55
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?
- A. Synchronize between Seattle and New York, and use local time for London and Tokyo
- B. Configure all systems to use their default time settings
- C. Configure all data center systems to use local time
- D. Configure all data center systems to use GMT time
Answer: C
NEW QUESTION # 56
Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?
- A. Multi-Factor Authentication Standard
- B. Network Information Flow
- C. Network Traffic/Service Baseline
- D. Network Device Configuration Baselines
Answer: B
NEW QUESTION # 57
According to attack lifecycle models, what is the attacker's first step in compromising an organization?
- A. Reconnaissance
- B. Initial Compromise
- C. Privilege Escalation
- D. Exploitation
Answer: A
NEW QUESTION # 58
Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?
- A. A centralized time server
- B. An up-to-date hardening guide
- C. An inventory of unauthorized assets
- D. A method of device scanning
Answer: D
NEW QUESTION # 59
A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.
Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator's account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?
- A. Maintenance, Monitoring, and Analysis of Audit Logs
- B. Incident Response and Management
- C. Account Monitoring and Control
- D. Controlled Use of Administrative Privilege
Answer: B
NEW QUESTION # 60
How can the results of automated network configuration scans be used to improve the security of the network?
- A. Reports can be sent to the CIO for performance benchmarks
- B. Scanners can correct network configuration issues
- C. Results can be provided to network engineers as actionable feedback
- D. Results can be included in audit evidence failures
Answer: C
NEW QUESTION # 61
What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?
- A. Ngrep
- B. Netscreen
- C. CIS-CAT
- D. Zenmap
Answer: D
NEW QUESTION # 62
If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?
- A. Metasploit
- B. Mimikatz
- C. OpenVAS
Answer: A
NEW QUESTION # 63
Executive management approved the storage of sensitive data on smartphones and tablets as long as they were encrypted. Later a vulnerability was announced at an information security conference that allowed attackers to bypass the device's authentication process, making the data accessible. The smartphone manufacturer said it would take six months for the vulnerability to be fixed and distributed through the cellular carriers. Four months after the vulnerability was announced, an employee lost his tablet and the sensitive information became public.
What was the failure that led to the information being lost?
- A. Vulnerability scans were not done to identify the devices that were at risk
- B. The employees failed to maintain their devices at the most current software version
- C. Management had not insured against the possibility of the information being lost
- D. There was no risk acceptance review after the risk changed
Answer: D
NEW QUESTION # 64
Which of the following actions produced the output seen below?
- A. An access rule was added to firewallrules.txt
- B. An access rule was removed from firewallrules.txt
- C. An access rule was removed from firewallrules2.txt
- D. An access rule was added to firewallrules2.txt
Answer: D
NEW QUESTION # 65
Given the audit finding below, which CIS Control was being measured?
- A. Controlled Access Based on the Need to Know
- B. Inventory and Control of Hardware Assets
- C. Limitation and Control of Network Ports, Protocols and Services
- D. Controlled Use of Administrative Privilege
- E. Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
Answer: D
NEW QUESTION # 66
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?
- A. PII data scanner
- B. 802.1x authentication systems
- C. Log management system
- D. Data classification and access baselines
Answer: B
NEW QUESTION # 67
Which of the following items would be used reactively for incident response?
- A. A script used to verify patches are installed on systems
- B. An IPS rule that prevents web access from international locations
- C. A schedule for creating and storing backups
- D. A phone tree used to contact necessary personnel
Answer: D
NEW QUESTION # 68
What is a recommended defense for the CIS Control for Application Software Security?
- A. Limit access to the web application production environment to just the developers
- B. Keep debugging code in production web applications for quick troubleshooting
- C. Run a dedicated vulnerability scanner against backend databases
- D. Display system error messages for only non-kernel related events
Answer: C
NEW QUESTION # 69
What is the list displaying?
- A. Allowed program in a software inventory application
- B. Unauthorized programs detected in a software inventory
- C. Installed software on an end-user device
- D. Missing patches from a patching server
Answer: A