GIAC New 2024 GCCC Test Tutorial (Updated 95 Questions) [Q13-Q37]

Rate this post

GIAC New 2024 GCCC Test Tutorial (Updated 95 Questions)

GCCC Exam Questions Dumps, Selling GIAC Products

NO.13 Which of the following will decrease the likelihood of eavesdropping on a wireless network?

Broadcasting in the 5Ghz frequency

Using Wired Equivalent Protocol (WEP)

Using EAP/TLS authentication and WPA2 with AES encryption

Putting the wireless network on a separate VLAN

NO.14 Implementing which of the following will decrease spoofed e-mail messages?

Finger Protocol

Sender Policy Framework

Network Address Translation

Internet Message Access Protocol

NO.15 John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?

Enable encryption if it ‘s not enabled by default

Disable software-level encryption to increase speed of transfer

Develop a unique encryption scheme

NO.16 Which activity increases the risk of a malware infection?

Charging a smartphone using a computer USB port

Editing webpages with a Linux system

Reading email using a plain text email client

Online banking in Incognito mode

NO.17 An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?

Check for packets going from the Internet to the Web server

Try to send email from a wireless guest account

Check for packages going from the web server to the user workstations

Try to access the internal network from the wireless router

NO.18 What is a zero-day attack?

An attack that has a known attack signature but no available patch

An attack that utilizes a vulnerability unknown to the software developer

An attack that deploys at the end of a countdown sequence

An attack that is launched the day the patch is released

NO.19 As part of a scheduled network discovery scan, what function should the automated scanning tool perform?

Uninstall listening services that have not been used since the last scheduled scan

Compare discovered ports and services to a known baseline to report deviations

Alert the incident response team on ports and services added since the last scan

Automatically close ports and services not included in the current baseline

NO.20 Which of the following assigns a number indicating the severity of a discovered software vulnerability?

CPE

CVE

CCE

CVSS

NO.21 An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

Configuring a firewall to only allow communication to whitelisted hosts and ports

Using Network access control to disable communication by hosts with viruses

Disabling autorun features on all workstations on the network

Training users to recognize potential phishing attempts

NO.22 Which of the options below will do the most to reduce an organization’s attack surface on the internet?

Deploy an access control list on the perimeter router and limit inbound ICMP messages to echo requests only

Deploy antivirus software on internet-facing hosts, and ensure that the signatures are updated regularly

Ensure that rotation of duties is used with employees in order to compartmentalize the most important tasks

Ensure only necessary services are running on Internet-facing hosts, and that they are hardened according to best practices

NO.23 What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?

Package diagram

Deployment diagram

Class diagram

Use case diagram

NO.24 Which of the following can be enabled on a Linux based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?

ASLR

Tripwire

SUID

Iptables

TCP Wrappers

NO.25 What is the relationship between a service and its associated port?

A service closes a port after a period of inactivity

A service relies on the port to select the protocol

A service sets limits on the volume of traffic sent through the port

A service opens the port and listens for network traffic

NO.26 An auditor is validating the policies and procedures for an organization with respect to a control for Data Recovery. The organization’s control states they will completely back up critical servers weekly, with incremental backups every four hours. Which action will best verify success of the policy?

Verify that the backup media cannot be read without the encryption key

Check the backup logs from the critical servers and verify there are no errors

Select a random file from a critical server and verify it is present in a backup set

Restore the critical server data from backup and see if data is missing

NO.27 Which type of scan is best able to determine if user workstations are missing any important patches?

A network vulnerability scan using aggressive scanning

A source code scan

A port scan using banner grabbing

A web application/database scan

A vulnerability scan using valid credentials

NO.28 Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

How long does it take to identify new unauthorized listening ports on the network systems

How long does it take to remove unauthorized software from the organization’s systems

What percentage of the organization’s applications are using sandboxing products

What percentage of assets will have their settings enforced and redeployed

What percentage of systems in the organization are using Network Level Authentication (NLA)

NO.29 When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?

Log management system

802.1x authentication systems

Data classification and access baselines

PII data scanner

NO.30 Executive management approved the storage of sensitive data on smartphones and tablets as long as they were encrypted. Later a vulnerability was announced at an information security conference that allowed attackers to bypass the device’s authentication process, making the data accessible. The smartphone manufacturer said it would take six months for the vulnerability to be fixed and distributed through the cellular carriers. Four months after the vulnerability was announced, an employee lost his tablet and the sensitive information became public.
What was the failure that led to the information being lost?

There was no risk acceptance review after the risk changed

The employees failed to maintain their devices at the most current software version

Vulnerability scans were not done to identify the devices that we at risk

Management had not insured against the possibility of the information being lost

NO.31 A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?

Organize files according to the user that created them and allow the user to determine permissions

Divide the documents into confidential, internal, and public folders, and ser permissions on each folder

Set user roles by job or position, and create permission by role for each file

Divide the documents by department and set permissions on each departmental folder

NO.32 Janice is auditing the perimeter of the network at Sugar Water InC. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?

Receive spam from a known bad domain

Receive mail at Sugar Water Inc. account using Outlook as a mail client

Successfully deliver mail from another host inside the network directly to an external contact

Successfully deliver mail from web client using another host inside the network to an external contact.

NO.33 The settings in the screenshot would be configured as part of which CIS Control?

Application Software Security

Inventory and Control of Hardware Assets

Account Monitoring and Control

Controlled Use of Administrative Privileges

NO.34 Of the options shown below, what is the first step in protecting network devices?

Creating standard secure configurations for all devices

Scanning the devices for known vulnerabilities

Implementing IDS to detect attacks

Applying all known security patches

NO.35 An attacker is able to successfully access a web application as root using ‘ or 1 = 1 . as the password. The successful access indicates a failure of what process?

Input Validation

Output Sanitization

URL Encoding

Account Management

NO.36 What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?

Ngrep

CIS-CAT

Netscreen

Zenmap

NO.37 An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?

Check the log entries to match privilege use with access from authorized users.

Run a script at intervals to identify processes running with administrative privilege.

Force the root account to only be accessible from the system console.

GCCC Cert Guide PDF 100% Cover Real Exam Questions: https://www.pdf4test.com/GCCC-dump-torrent.html

Free certification test prep

GIAC New 2024 GCCC Test Tutorial (Updated 95 Questions) [Q13-Q37]

Leave a Reply Cancel reply