GIAC GCCC GIAC Critical Controls Certification (GCCC) Exam Practice Test

Page: 1 / 9
Total 93 questions

GIAC Critical Controls Certification (GCCC) Questions and Answers

Question 1

An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

Options:

A.

Force the root account to only be accessible from the system console.

B.

Turn on SELinux and user process accounting for the MySQL server.

C.

Force user accounts to use ‘sudo’ for privileged use.

D.

Blacklist client applications from being run in privileged mode.

Question 2

An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?

Options:

A.

Check for packets going from the Internet to the Web server

B.

Try to send email from a wireless guest account

C.

Check for packets going from the web server to the user workstations

D.

Try to access the internal network from the wireless router

Question 3

Which of the following actions would best mitigate against phishing attempts such as the example below?

Options:

A.

Establishing email filters to block no-reply address emails

B.

Making web filters to prevent accessing Google Docs

C.

Having employees complete user awareness training

D.

Recommending against the use of Google Docs

Question 4

What is the first step suggested before implementing any single CIS Control?

Options:

A.

Develop an effectiveness test

B.

Perform a gap analysis

C.

Perform a vulnerability scan

D.

Develop a roll-out schedule

Question 5

IDS alerts at Service Industries are received by email. A typical day produces over 300 emails, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?

Options:

A.

Tune the IDS rules to decrease false positives.

B.

Increase the number of staff responsible for processing IDS alerts.

C.

Change the alert method from email to text message.

D.

Configure the IDS alerts to only alert on high priority systems.

Question 6

John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?

Options:

A.

Enable encryption if it’s not enabled by default

B.

Disable software-level encryption to increase speed of transfer

C.

Develop a unique encryption scheme

Question 7

What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?

Options:

A.

Ngrep

B.

CIS-CAT

C.

Netscreen

D.

Zenmap

Question 8

Which of the following archiving methods would maximize log integrity?

Options:

A.

DVD-R

B.

USB flash drive

C.

Magnetic Tape

D.

CD-RW

Question 9

Which of the following is a reliable way to test backed up data?

Options:

A.

Verify the file size of the backup

B.

Confirm the backup service is running at the proper time

C.

Compare data hashes of backed up data to original systems

D.

Restore the data to a system

Question 10

Which of the following should be used to test antivirus software?

Options:

A.

FIPS 140-2

B.

Code Red

C.

Heartbleed

D.

EICAR

Question 11

Scan 1 was taken on Monday. Scan 2 was taken of the same network on Wednesday. Which of the following findings is accurate based on the information contained in the scans?

Options:

A.

The host located at 192.168.177.7 is no longer on the network

B.

The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network

C.

The host located at 192.168.177.21 is a new host on the network

D.

The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change

Question 12

John is a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network. Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?

Options:

A.

Limit access to allowed MAC addresses

B.

Increase the size of the DHCP pool

C.

Change the password immediately

D.

Shorten the DHCP lease time

Question 13

A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.

Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator’s account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?

Options:

A.

Maintenance, Monitoring, and Analysis of Audit Logs

B.

Controlled Use of Administrative Privilege

C.

Incident Response and Management

D.

Account Monitoring and Control
