Summer Certification Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GIAC Cyber Security GCCC Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.
Exam GCCC Premium Access

View all detail and faqs for the GCCC exam

Go to Exam

751 Students Passed

88% Average Score

93% Same Questions
Viewing page 3 out of 3 pages
Viewing questions 21-30 out of questions
Questions # 21:

Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?

Options:

A.

A method of device scanning

B.

A centralized time server

C.

An up-to-date hardening guide

D.

An inventory of unauthorized assets

Questions # 22:

Which CIS Control includes storing system images on a hardened server, scanning production systems for out-of-date software, and using file integrity assessment tools like tripwire?

Options:

A.

Inventory of Authorized and Unauthorized Software

B.

Continuous Vulnerability Management

C.

Secure Configurations for Network Devices such as Firewalls, Routers and Switches

D.

Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

Questions # 23:

What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

Options:

A.

Control which devices can connect to the network

B.

Passively identify new devices

C.

Inventory offline databases

D.

Actively identify new servers

Questions # 24:

The settings in the screenshot would be configured as part of which CIS Control?

Question # 24

Options:

A.

Application Software Security

B.

Inventory and Control of Hardware Assets

C.

Account Monitoring and Control

D.

Controlled Use of Administrative Privileges

Questions # 25:

Which of the following is a benefit of stress-testing a network?

Options:

A.

To determine device behavior in a DoS condition.

B.

To determine bandwidth needs for the network.

C.

To determine the connectivity of the network

D.

To determine the security configurations of the network

Questions # 26:

An auditor is focusing on potential vulnerabilities. Which of the following should cause an alert?

Options:

A.

Workstation on which a domain admin has never logged in

B.

Windows host with an uptime of 382 days

C.

Server that has zero browser plug-ins

D.

Fully patched guest machine that is not in the asset inventory

Questions # 27:

Which of the following is a requirement in order to implement the principle of least privilege?

Options:

A.

Mandatory Access Control (MAC)

B.

Data normalization

C.

Data classification

D.

Discretionary Access Control (DAC)

Viewing page 3 out of 3 pages
Viewing questions 21-30 out of questions
TOP CODES

TOP CODES

Top selling exam codes in the certification world, popular, in demand and updated to help you pass on the first try.

2V0-11.25
ADM-201
Agentforce-Specialist
CMMC-CCP
Data-Cloud-Consultant
PDI
PSE-Strata-Pro-24
Secure-Software-Design
Sharing-and-Visibility-Architect
Workday-Pro-Integrations
ZDTA