This page was exported from Free valid test braindumps [ http://free.validbraindumps.com ]
Export date: Sat Apr 5 17:56:40 2025 / +0000 GMT
---------------------------------------------------
Title: GIAC GCCC Real Exam Questions Test Engine Dumps Training With 95 Questions [Q24-Q46]
---------------------------------------------------

NO.24 What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?
  - Ngrep
  - CIS-CAT
  - Netscreen
  - Zenmap

NO.25 A security incident investigation identified the following modified version of a legitimate system file on a compromised client:
C:\Windows\System32\winxml.dll Addition Jan. 16, 2014 4:53:11 PM
The infection vector was determined to be a vulnerable browser plug-in installed by the user. Which of the organization's CIS Controls failed?
  - Application Software Security
  - Inventory and Control of Software Assets
  - Maintenance, Monitoring, and Analysis of Audit Logs
  - Inventory and Control of Hardware Assets

NO.26 An administrator looking at a web application's log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.
* ROOT
* TEST
* ADMIN
* SQL
* USER
* NAGIOSGUEST
What is the most likely source of this event?
  - An IT administrator attempting to use outdated credentials to enter the site
  - An attempted Denial of Service attack by locking out administrative accounts
  - An automated tool that attempts to use a dictionary attack to infiltrate a website
  - An attempt to use SQL Injection to gain information from a web-connected database

NO.27 An organization has installed a firewall for Boundary Defense.
It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?
  - Check for packets going from the Internet to the Web server
  - Try to send email from a wireless guest account
  - Check for packages going from the web server to the user workstations
  - Try to access the internal network from the wireless router

NO.28 John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?
  - Enable encryption if it's not enabled by default
  - Disable software-level encryption to increase speed of transfer
  - Develop a unique encryption scheme

NO.29 Which type of scan is best able to determine if user workstations are missing any important patches?
  - A network vulnerability scan using aggressive scanning
  - A source code scan
  - A port scan using banner grabbing
  - A web application/database scan
  - A vulnerability scan using valid credentials

NO.30 Scan 1 was taken on Monday. Scan 2 was taken of the same network on Wednesday. Which of the following findings is accurate based on the information contained in the scans?
  - The host located at 192.168.177.7 is no longer on the network
  - The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network
  - The host located at 192.168.177.21 is a new host on the network
  - The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change

NO.31 Which project enumerates or maps security issues to CVE?
  - CIS Controls
  - SCAP
  - ISO 2700
  - NIST

NO.32 Which approach is recommended by the CIS Controls for performing penetration tests?
  - Document a single vulnerability per system
  - Utilize a single attack vector at a time
  - Complete intrusive tests on test systems
  - Execute all tests during network maintenance windows

NO.33 Which of the following actions would best mitigate against phishing attempts such as the example below?
  - Establishing email filters to block no-reply address emails
  - Making web filters to prevent accessing Google Docs
  - Having employees complete user awareness training
  - Recommending against the use of Google Docs

NO.34 An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control. Which action should they take when they discover that an application running on a web server is no longer needed?
  - Uninstall the application providing the service
  - Turn the service off in the host configuration files
  - Block the protocol for the unneeded service at the firewall
  - Create an access list on the router to filter traffic to the host

NO.35 Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls she has a dedicated host (kenya-adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenya-adminbox?
  - 10.10.245.3389
  - Mail.jane.org.25
  - Firewall_charon.jane.org.22
  - 10.10.10.33.443

NO.36 Which of the following is a benefit of stress-testing a network?
  - To determine device behavior in a DoS condition.
  - To determine bandwidth needs for the network.
  - To determine the connectivity of the network
  - To determine the security configurations of the network

NO.37 A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?
  - Organize files according to the user that created them and allow the user to determine permissions
  - Divide the documents into confidential, internal, and public folders, and set permissions on each folder
  - Set user roles by job or position, and create permission by role for each file
  - Divide the documents by department and set permissions on each departmental folder

NO.38 Acme Corporation performed an investigation of its centralized logging capabilities. It found that the central server is missing several types of logs from three servers in Acme's inventory. Given these findings, what is the most appropriate next step?
  - Define processes to manually review logs for the problem servers
  - Restart or reinstall the logging service on each of the problem servers
  - Perform analysis to identify the source of the logging problems
  - Document the missing logs in the core evaluation report as a minor issue

NO.39 Which of the options below will do the most to reduce an organization's attack surface on the internet?
  - Deploy an access control list on the perimeter router and limit inbound ICMP messages to echo requests only
  - Deploy antivirus software on internet-facing hosts, and ensure that the signatures are updated regularly
  - Ensure that rotation of duties is used with employees in order to compartmentalize the most important tasks
  - Ensure only necessary services are running on Internet-facing hosts, and that they are hardened according to best practices

NO.40 Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?
  - How long does it take to identify new unauthorized listening ports on the network systems
  - How long does it take to remove unauthorized software from the organization's systems
  - What percentage of the organization's applications are using sandboxing products
  - What percentage of assets will have their settings enforced and redeployed
  - What percentage of systems in the organization are using Network Level Authentication (NLA)

NO.41 What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?
  - Package diagram
  - Deployment diagram
  - Class diagram
  - Use case diagram

NO.42 An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.
  - The blue team is adequately protecting the network
  - There are too many internal penetration tests being conducted
  - The methods the red team is using are not effectively testing the network
  - The red team is improving their capability to measure network security

NO.43 As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?
  - The number of website hits is higher than the daily average
  - The logfiles of the webserver are rotated and archived
  - The website does not respond to a SYN packet for 30 minutes
  - The website issues a RST to a client after the connection is idle

NO.44 An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access.
What could have been done to prevent this level of access being given to the intruder upon successful exploitation?
  - Configure the DMZ firewall to block unnecessary service
  - Install host integrity monitoring software
  - Install updated anti-virus software
  - Configure the database to run with lower privileges

NO.45 Why is it important to enable event log storage on a system immediately after it is installed?
  - To allow system to be restored to a known good state if it is compromised
  - To create the ability to separate abnormal behavior from normal behavior during an incident
  - To compare its performance with other systems already on the network
  - To identify root kits included on the system out of the box

NO.46 Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?
  - Procedure for authorizing remote server access
  - Procedure for modifying file permissions
  - Procedure for adjusting network share permissions
  - Procedure for setting and resetting user passwords

---------------------------------------------------
Post date: 2024-09-14 16:39:06
Post date GMT: 2024-09-14 16:39:06
Post modified date: 2024-09-14 16:39:06
Post modified date GMT: 2024-09-14 16:39:06