Updated Nov-2021 Official licence for GCCC Certified by GCCC Dumps PDF
NEW QUESTION 31
What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?
- A. Zenmap
- B. Netscreen
- C. Ngrep
- D. CIS-CAT
Answer: A
NEW QUESTION 32
If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?
- A. OpenVAS
- B. Metasploit
- C. Mimikatz
Answer: B
NEW QUESTION 33
DHCP logging output in the screenshot would be used for which of the following?
- A. Enforcing port-based network access control to prevent unauthorized devices on the network.
- B. Providing ping sweep results to identify live network hosts for vulnerability scanning.
- C. Detecting malicious activity by compromised or unauthorized devices on the network.
- D. Identifying new connections to maintain an up-to-date inventory of devices on the network.
Answer: D
NEW QUESTION 34
During a security audit, which test should result in a source packet failing to reach its intended destination?
- A. A packet originating from the company's DMZ is sent to a host on the company's internal network
- B. A new connection request from the internet is sent to the company's DNS server
- C. A packet originating from the company's internal network is sent to the company's DNS server
- D. A new connection request from the Internet is sent to a host on the company's internal network
Answer: D
NEW QUESTION 35
Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?
- A. Procedure for authorizing remote server access
- B. Procedure for adjusting network share permissions
- C. Procedure for modifying file permissions
- D. Procedure for setting and resetting user passwords
Answer: D
NEW QUESTION 36
Which of the following can be enabled on a Linux based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?
- A. Iptables
- B. ASLR
- C. Tripwire
- D. SUID
- E. TCP Wrappers
Answer: B
NEW QUESTION 37
The settings in the screenshot would be configured as part of which CIS Control?
- A. Inventory and Control of Hardware Assets
- B. Account Monitoring and Control
- C. Application Software Security
- D. Controlled Use of Administrative Privileges
Answer: A
NEW QUESTION 38
A global corporation has major data centers in Seattle, New York, London and Tokyo. Which of the following is the correct approach from an intrusion detection and event correlation perspective?
- A. Configure all data center systems to use local time
- B. Synchronize between Seattle and New York, and use local time for London and Tokyo
- C. Configure all systems to use their default time settings
- D. Configure all data center systems to use GMT time
Answer: A
NEW QUESTION 39
An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?
- A. Force the root account to only be accessible from the system console.
- B. Check the log entries to match privilege use with access from authorized users.
- C. Run a script at intervals to identify processes running with administrative privilege.
Answer: C
NEW QUESTION 40
An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?
- A. Network Intrusion Prevention sends alerts when RST packets are received
- B. Network Intrusion Detection devices send alerts when signatures are updated
- C. Host-based firewall sends alerts when packets are sent to a closed port
- D. Host-based anti-virus sends alerts to a central security console
Answer: D
NEW QUESTION 41
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?
- A. Actively identify new servers
- B. Control which devices can connect to the network
- C. Inventory offline databases
- D. Passively identify new devices
Answer: A
NEW QUESTION 42
IDS alerts at Service Industries are received by email. On a typical day, over 300 emails are processed, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?
- A. Change the alert method from email to text message.
- B. Configure the IDS alerts to only alert on high priority systems.
- C. Tune the IDS rules to decrease false positives.
- D. Increase the number of staff responsible for processing IDS alerts.
Answer: C
NEW QUESTION 43
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?
- A. Controlled Use of Administrative Privilege
- B. Account Monitoring and Control
- C. Penetration Tests and Red Team Exercises
- D. Data Protection
Answer: C
NEW QUESTION 44
A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?
- A. Organize files according to the user that created them and allow the user to determine permissions
- B. Divide the documents into confidential, internal, and public folders, and set permissions on each folder
- C. Set user roles by job or position, and create permission by role for each file
- D. Divide the documents by department and set permissions on each departmental folder
Answer: B
NEW QUESTION 45
Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls, she has a dedicated host (kenya-adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenya-adminbox?
- A. Firewall_charon.jane.org.22
- B. Mail.jane.org.25
- C. 10.10.245.3389
- D. 10.10.10.33.443
Answer: B
NEW QUESTION 46
An organization wants to test its procedure for data recovery. Which of the following will be most effective?
- A. Verifying there are no errors in the backup server logs
- B. Verifying that backup process is running when it should
- C. Verifying a file can be recovered from backup media
- D. Verifying that network backups can't be read in transit
Answer: C