GCCC exam questions for practice in 2022 Updated 95 Questions
NEW QUESTION 54
What is the relationship between a service and its associated port?
- A. A service sets limits on the volume of traffic sent through the port
- B. A service closes a port after a period of inactivity
- C. A service opens the port and listens for network traffic
- D. A service relies on the port to select the protocol
Answer: C
NEW QUESTION 55
Which of the following is a benefit of stress-testing a network?
- A. To determine bandwidth needs for the network.
- B. To determine the connectivity of the network
- C. To determine the security configurations of the network
- D. To determine device behavior in a DoS condition.
Answer: D
NEW QUESTION 56
An analyst investigated unused organizational accounts. The investigation found that:
- 10% of accounts still have their initial login password, indicating they were never used
- 10% of accounts have not been used in over six months
Which change in policy would mitigate the security risk associated with both findings?
- A. Users are required to change their password at the next login after three months
- B. Accounts without login activity for 15 days are automatically locked
- C. Accounts must have passwords of at least 8 characters, with one number or symbol
Answer: B
NEW QUESTION 57
An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack.
The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
- A. Install updated anti-virus software
- B. Install host integrity monitoring software
- C. Configure the DMZ firewall to block unnecessary services
- D. Configure the database to run with lower privileges
Answer: D
NEW QUESTION 58
An organization is implementing an application software security control for their custom-written code that provides web-based database access to sales partners. Which action will help mitigate the risk of the application being compromised?
- A. Logging the connection requests to the web application server from outside hosts
- B. Identifying high-risk assets that are on the same network as the web application server
- C. Creating signatures for their IDS to detect attacks specific to their web application
- D. Providing the source code for their web application to existing sales partners
Answer: C
NEW QUESTION 59
Which approach is recommended by the CIS Controls for performing penetration tests?
- A. Execute all tests during network maintenance windows
- B. Document a single vulnerability per system
- C. Utilize a single attack vector at a time
- D. Complete intrusive tests on test systems
Answer: D
NEW QUESTION 60
To effectively implement the Data Protection CIS Control, which task needs to be implemented first?
- A. The organization's proprietary data needs to be identified
- B. Appropriate file content matching needs to be configured
- C. Employees need to be notified that proprietary data should be protected
- D. The organization's proprietary data needs to be encrypted
Answer: A
NEW QUESTION 61
Beta Corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed. Given this concern, and the need to keep archived logs for log correlation applications, what is the most appropriate next step?
- A. Store the files read-only and keep hashes of the logs separately.
- B. Install a tier one timeserver on the network to keep log devices synchronized.
- C. Encrypt the log files with an asymmetric key and remove the cleartext version.
- D. Keep the files in the log archives synchronized with another location.
Answer: A
NEW QUESTION 62
An attacker is able to successfully access a web application as root using ' or 1 = 1 . as the password. The successful access indicates a failure of what process?
- A. Output Sanitization
- B. Account Management
- C. URL Encoding
- D. Input Validation
Answer: D
NEW QUESTION 63
Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls, she has a dedicated host (kenya-adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenya-adminbox?
- A. 10.10.10.33.443
- B. Mail.jane.org.25
- C. Firewall_charon.jane.org.22
- D. 10.10.245.3389
Answer: B
NEW QUESTION 64
An organization wants to test its procedure for data recovery. Which of the following will be most effective?
- A. Verifying that network backups can't be read in transit
- B. Verifying there are no errors in the backup server logs
- C. Verifying a file can be recovered from backup media
- D. Verifying that the backup process is running when it should
Answer: C
NEW QUESTION 65
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?
- A. Redirect traffic to and from the software management port to a non-default port
- B. Document the port number and request approval from a change control group
- C. Determine which service controls the software management function and opens the port, and disable it
- D. Block TCP 23456 at the network perimeter firewall
Answer: C
NEW QUESTION 66
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?
- A. What percentage of systems in the organization are using Network Level Authentication (NLA)
- B. What percentage of assets will have their settings enforced and redeployed
- C. What percentage of the organization's applications are using sandboxing products
- D. How long does it take to identify new unauthorized listening ports on the network systems
- E. How long does it take to remove unauthorized software from the organization's systems
Answer: B
NEW QUESTION 67
Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?
- A. The loghost is missing logs from 3 servers in the inventory
- B. The loghost is receiving out-of-sync logs from undocumented servers
- C. The loghost time is out-of-sync with an external host
- D. The loghost is receiving logs from hosts with different timezone values
Answer: B
NEW QUESTION 68
An organization has created a policy that allows software from an approved list of applications to be installed on workstations. Programs not on the list should not be installed. How can the organization best monitor compliance with the policy?
- A. Comparing system snapshots and alerting when changes are made
- B. Performing regular port scans of workstations on the network
- C. Auditing Active Directory and alerting when new accounts are created
- D. Creating an IDS signature to alert based on unknown "User-Agent" strings
Answer: D
NEW QUESTION 69
Which of the following archiving methods would maximize log integrity?
- A. CD-RW
- B. Magnetic Tape
- C. USB flash drive
- D. DVD-R
Answer: D
NEW QUESTION 70
An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?
- A. Try to send email from a wireless guest account
- B. Try to access the internal network from the wireless router
- C. Check for packets going from the Internet to the Web server
- D. Check for packets going from the web server to the user workstations
Answer: B
NEW QUESTION 71
As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?
- A. The number of website hits is higher than the daily average
- B. The logfiles of the webserver are rotated and archived
- C. The website does not respond to a SYN packet for 30 minutes
- D. The website issues a RST to a client after the connection is idle
Answer: C
NEW QUESTION 72
An auditor is focusing on potential vulnerabilities. Which of the following should cause an alert?
- A. Server that has zero browser plug-ins
- B. Windows host with an uptime of 382 days
- C. Workstation on which a domain admin has never logged in
- D. Fully patched guest machine that is not in the asset inventory
Answer: B