Pass Your GCCC Exam Easily With 100% Exam Passing Guarantee [2024]
GCCC Dumps are Available for Instant Access from ExamsReviews
NEW QUESTION # 57
Given the audit finding below, which CIS Control was being measured?
- A. Inventory and Control of Hardware Assets
- B. Controlled Access Based on the Need to Know
- C. Limitation and Control of Network Ports, Protocols and Services
- D. Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
- E. Controlled Use of Administrative Privilege
Answer: E
NEW QUESTION # 58
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?
- A. Penetration Tests and Red Team Exercises
- B. Data Protection
- C. Controlled Use of Administrative Privilege
- D. Account Monitoring and Control
Answer: A
NEW QUESTION # 59
Which project enumerates or maps security issues to CVE?
- A. NIST
- B. ISO 2700
- C. SCAP
- D. CIS Controls
Answer: C
NEW QUESTION # 60
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?
- A. 802.1x authentication systems
- B. PII data scanner
- C. Log management system
- D. Data classification and access baselines
Answer: A
NEW QUESTION # 61
Janice is auditing the perimeter of the network at Sugar Water Inc. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?
- A. Successfully deliver mail from a web client using another host inside the network to an external contact.
- B. Receive spam from a known bad domain
- C. Receive mail at Sugar Water Inc. account using Outlook as a mail client
- D. Successfully deliver mail from another host inside the network directly to an external contact
Answer: D
NEW QUESTION # 62
IDS alerts at Service Industries are received by email. A typical day processes over 300 emails, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?
- A. Increase the number of staff responsible for processing IDS alerts.
- B. Tune the IDS rules to decrease false positives.
- C. Configure the IDS alerts to only alert on high priority systems.
- D. Change the alert method from email to text message.
Answer: B
NEW QUESTION # 63
As part of a scheduled network discovery scan, what function should the automated scanning tool perform?
- A. Compare discovered ports and services to a known baseline to report deviations
- B. Uninstall listening services that have not been used since the last scheduled scan
- C. Alert the incident response team on ports and services added since the last scan
- D. Automatically close ports and services not included in the current baseline
Answer: A
NEW QUESTION # 64
An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?
- A. Turn on SELinux and user process accounting for the MySQL server.
- B. Blacklist client applications from being run in privileged mode.
- C. Force user accounts to use 'sudo' for privileged use.
- D. Force the root account to only be accessible from the system console.
Answer: C
NEW QUESTION # 65
How can the results of automated network configuration scans be used to improve the security of the network?
- A. Results can be provided to network engineers as actionable feedback
- B. Results can be included in audit evidence failures
- C. Reports can be sent to the CIO for performance benchmarks
- D. Scanners can correct network configuration issues
Answer: A
NEW QUESTION # 66
An analyst investigated unused organizational accounts. The investigation found that:
- 10% of accounts still have their initial login password, indicating they were never used
- 10% of accounts have not been used in over six months
Which change in policy would mitigate the security risk associated with both findings?
- A. Accounts must have passwords of at least 8 characters, with one number or symbol
- B. Accounts without login activity for 15 days are automatically locked
- C. Users are required to change their password at the next login after three months
Answer: B
NEW QUESTION # 67
Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?
- A. Controlled Access Based on the Need to Know
- B. Limitation and Control of Network Ports, Protocols and Services
- C. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.
- D. Email and Web Browser Protections
Answer: D
NEW QUESTION # 68
What is a recommended defense for the CIS Control for Application Software Security?
- A. Keep debugging code in production web applications for quick troubleshooting
- B. Run a dedicated vulnerability scanner against backend databases
- C. Display system error messages for only non-kernel related events
- D. Limit access to the web application production environment to just the developers
Answer: B
NEW QUESTION # 69
What is the business goal of the Inventory and Control of Software Assets Control?
- A. All software conforms to licensing requirements for the business
- B. Accurate software versions and counts are documented for licensing updates
- C. Only authorized software should be installed on the agency's computer systems
- D. Accurate software versions are captured to enable patching
Answer: C
NEW QUESTION # 70
An auditor is validating the policies and procedures for an organization with respect to a control for Data Recovery. The organization's control states they will completely back up critical servers weekly, with incremental backups every four hours. Which action will best verify success of the policy?
- A. Select a random file from a critical server and verify it is present in a backup set
- B. Verify that the backup media cannot be read without the encryption key
- C. Check the backup logs from the critical servers and verify there are no errors
- D. Restore the critical server data from backup and see if data is missing
Answer: D
NEW QUESTION # 71
Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?
- A. Multi-Factor Authentication Standard
- B. Network Information Flow
- C. Network Traffic/Service Baseline
- D. Network Device Configuration Baselines
Answer: B
NEW QUESTION # 72
A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.
Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator's account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?
- A. Incident Response and Management
- B. Maintenance, Monitoring, and Analysis of Audit Logs
- C. Controlled Use of Administrative Privilege
- D. Account Monitoring and Control
Answer: A
NEW QUESTION # 73
Implementing which of the following will decrease spoofed e-mail messages?
- A. Sender Policy Framework
- B. Network Address Translation
- C. Internet Message Access Protocol
- D. Finger Protocol
Answer: A
NEW QUESTION # 74
An organization has created a policy that allows software from an approved list of applications to be installed on workstations. Programs not on the list should not be installed. How can the organization best monitor compliance with the policy?
- A. Creating an IDS signature to alert based on unknown "User-Agent" strings
- B. Auditing Active Directory and alerting when new accounts are created
- C. Performing regular port scans of workstations on the network
- D. Comparing system snapshots and alerting when changes are made
Answer: A
NEW QUESTION # 75
During a security audit, which test should result in a source packet failing to reach its intended destination?
- A. A packet originating from the company's DMZ is sent to a host on the company's internal network
- B. A new connection request from the Internet is sent to a host on the company's internal network
- C. A packet originating from the company's internal network is sent to the company's DNS server
- D. A new connection request from the internet is sent to the company's DNS server
Answer: B
NEW QUESTION # 76
An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack.
The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
- A. Install updated anti-virus software
- B. Configure the DMZ firewall to block unnecessary service
- C. Install host integrity monitoring software
- D. Configure the database to run with lower privileges
Answer: D
NEW QUESTION # 77
Which approach is recommended by the CIS Controls for performing penetration tests?
- A. Utilize a single attack vector at a time
- B. Document a single vulnerability per system
- C. Complete intrusive tests on test systems
- D. Execute all tests during network maintenance windows
Answer: C
NEW QUESTION # 78
Which of the following items would be used reactively for incident response?
- A. A phone tree used to contact necessary personnel
- B. An IPS rule that prevents web access from international locations
- C. A script used to verify patches are installed on systems
- D. A schedule for creating and storing backups
Answer: A
NEW QUESTION # 79
How does an organization's hardware inventory support the control for secure configurations?
- A. It provides a list of unauthorized devices on the network
- B. It provides a list of managed devices that should be secured
- C. It identifies the life cycle of manufacturer support for hardware devices
- D. It provides the MAC addresses for insecure network adapters
Answer: B
NEW QUESTION # 80
Which type of scan is best able to determine if user workstations are missing any important patches?
- A. A source code scan
- B. A web application/database scan
- C. A port scan using banner grabbing
- D. A vulnerability scan using valid credentials
- E. A network vulnerability scan using aggressive scanning
Answer: D
The GCCC certification exam is designed for individuals who have experience in information security and are familiar with security controls and risk management. The GCCC exam consists of 115 multiple-choice questions, and candidates have three hours to complete it. The exam covers topics such as vulnerability management, access control, network security, and incident response. Candidates who pass the GCCC exam demonstrate their competency in implementing and managing the 20 Critical Security Controls and are recognized as experts in this field. The GCCC certification is a valuable credential for security professionals looking to advance their careers and demonstrate their knowledge and skills in critical security controls.
The GCCC certification is an excellent way for cybersecurity professionals to validate their skills and knowledge in implementing critical security controls. It provides a competitive advantage in the job market and demonstrates a commitment to ongoing professional development. With the increasing threat of cyber attacks, the demand for cybersecurity professionals with expertise in implementing critical security controls is only going to increase, making the GCCC certification a valuable investment in a cybersecurity career.