
GIAC GCCC - GIAC Critical Controls Certification (GCCC)

Total 93 questions

An analyst investigated unused organizational accounts. The investigation found that:

- 10% of accounts still have their initial login password, indicating they were never used
- 10% of accounts have not been used in over six months

Which change in policy would mitigate the security risk associated with both findings?

A. Users are required to change their password at the next login after three months
B. Accounts must have passwords of at least 8 characters, with one number or symbol
C. Accounts without login activity for 15 days are automatically locked

Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?

A. The loghost is missing logs from 3 servers in the inventory
B. The loghost is receiving logs from hosts with different timezone values
C. The loghost time is out-of-sync with an external host
D. The loghost is receiving out-of-sync logs from undocumented servers

An organization is implementing a control for the Account Monitoring and Control CIS Control, and has set the Account Lockout Policy as shown below. What is the risk presented by these settings?

A. Brute-force password attacks could be more effective.
B. Legitimate users could be unable to access resources.
C. Password length and complexity will be automatically reduced.
D. Once accounts are locked, they cannot be unlocked.

What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

A. Control which devices can connect to the network
B. Passively identify new devices
C. Inventory offline databases
D. Actively identify new servers

Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?

A. Software Whitelisting System
B. System Configuration Enforcement System
C. Patch Management System
D. Penetration Testing System

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

A. Controlled Access Based on the Need to Know
B. Limitation and Control of Network Ports, Protocols and Services
C. Email and Web Browser Protections
D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?

A. The number of website hits is higher than the daily average
B. The logfiles of the webserver are rotated and archived
C. The website does not respond to a SYN packet for 30 minutes
D. The website issues a RST to a client after the connection is idle

Which project enumerates or maps security issues to CVE?

A. SCAP
B. CIS Controls
C. NIST
D. ISO 2700

An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

A. Force the root account to only be accessible from the system console.
B. Turn on SELinux and user process accounting for the MySQL server.
C. Force user accounts to use ‘sudo’ for privileged use.
D. Blacklist client applications from being run in privileged mode.

Which of the following can be enabled on a Linux-based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?

A. ASLR
B. Tripwire
C. SUID
D. Iptables
E. TCP Wrappers