GIAC GCCC GIAC Critical Controls Certification (GCCC) Online Training
The questions for GCCC were last updated on Apr 04, 2025.
- Exam Code: GCCC
- Exam Name: GIAC Critical Controls Certification (GCCC)
- Certification Provider: GIAC
An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user.
What action can they take to rectify this?
- A . Force the root account to only be accessible from the system console.
- B . Turn on SELinux and user process accounting for the MySQL server.
- C . Force user accounts to use ‘sudo’ for privileged use.
- D . Blacklist client applications from being run in privileged mode.
Beta corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed.
Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next step?
- A . Keep the files in the log archives synchronized with another location.
- B . Store the files read-only and keep hashes of the logs separately.
- C . Install a tier one timeserver on the network to keep log devices synchronized.
- D . Encrypt the log files with an asymmetric key and remove the cleartext version.
Which of the following is a benefit of stress-testing a network?
- A . To determine device behavior in a DoS condition.
- B . To determine bandwidth needs for the network.
- C . To determine the connectivity of the network
- D . To determine the security configurations of the network
Which of the following is a reliable way to test backed up data?
- A . Verify the file size of the backup
- B . Confirm the backup service is running at the proper time
- C . Compare data hashes of backed up data to original systems
- D . Restore the data to a system
John is a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network.
Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?
- A . Limit access to allowed MAC addresses
- B . Increase the size of the DHCP pool
- C . Change the password immediately
- D . Shorten the DHCP lease time
An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control.
Which action should they take when they discover that an application running on a web server is no longer needed?
- A . Uninstall the application providing the service
- B . Turn the service off in the host configuration files
- C . Block the protocol for the unneeded service at the firewall
- D . Create an access list on the router to filter traffic to the host
What is the first step suggested before implementing any single CIS Control?
- A . Develop an effectiveness test
- B . Perform a gap analysis
- C . Perform a vulnerability scan
- D . Develop a roll-out schedule
Which of the following assigns a number indicating the severity of a discovered software vulnerability?
- A . CPE
- B . CVE
- C . CCE
- D . CVSS
What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?
- A . Control which devices can connect to the network
- B . Passively identify new devices
- C . Inventory offline databases
- D . Actively identify new servers
An organization wants to test its procedure for data recovery.
Which of the following will be most effective?
- A . Verifying a file can be recovered from backup media
- B . Verifying that backup process is running when it should
- C . Verifying that network backups can’t be read in transit
- D . Verifying there are no errors in the backup server logs