Check Real GIAC GCCC Exam Question for Free (2024)
Get Ready to Boost Your Preparation for the GCCC Exam with 95 Questions
NEW QUESTION # 52
Which of the following will decrease the likelihood of eavesdropping on a wireless network?
- A. Broadcasting in the 5 GHz frequency
- B. Putting the wireless network on a separate VLAN
- C. Using Wired Equivalent Protocol (WEP)
- D. Using EAP/TLS authentication and WPA2 with AES encryption
Answer: D
NEW QUESTION # 53
A security incident investigation identified the following modified version of a legitimate system file on a compromised client:
C:\Windows\System32\winxml.dll Addition Jan. 16, 2014 4:53:11 PM
The infection vector was determined to be a vulnerable browser plug-in installed by the user. Which of the organization's CIS Controls failed?
- A. Inventory and Control of Hardware Assets
- B. Inventory and Control of Software Assets
- C. Maintenance, Monitoring, and Analysis of Audit Logs
- D. Application Software Security
Answer: B
NEW QUESTION # 54
An administrator looking at a web application's log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.
* ROOT
* TEST
* ADMIN
* SQL
* USER
* NAGIOSGUEST
What is the most likely source of this event?
- A. An attempt to use SQL Injection to gain information from a web-connected database
- B. An attempted Denial of Service attack by locking out administrative accounts
- C. An automated tool that attempts to use a dictionary attack to infiltrate a website
- D. An IT administrator attempting to use outdated credentials to enter the site
Answer: C
NEW QUESTION # 55
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?
- A. Redirect traffic to and from the software management port to a non-default port
- B. Block TCP 23456 at the network perimeter firewall
- C. Determine which service controls the software management function and opens the port, and disable it
- D. Document the port number and request approval from a change control group
Answer: C
NEW QUESTION # 56
If an attacker wanted to dump hashes or run wmic commands on a target machine, which of the following tools would he use?
- A. Metasploit
- B. OpenVAS
- C. Mimikatz
Answer: A
NEW QUESTION # 57
Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?
- A. Procedure for adjusting network share permissions
- B. Procedure for setting and resetting user passwords
- C. Procedure for authorizing remote server access
- D. Procedure for modifying file permissions
Answer: B
NEW QUESTION # 58
Which of the following best describes the CIS Controls?
- A. Technical controls designed to provide protection from the most damaging attacks based on current threat data
- B. Technical, administrative, and policy controls based on current regulations and security best practices
- C. Technical controls designed to augment the NIST 800 series
- D. Technical, administrative, and policy controls based on research provided by the SANS Institute
Answer: A
NEW QUESTION # 59
Which of the following is a benefit of stress-testing a network?
- A. To determine device behavior in a DoS condition
- B. To determine the connectivity of the network
- C. To determine bandwidth needs for the network
- D. To determine the security configurations of the network
Answer: A
NEW QUESTION # 60
Which of the following is a responsibility of a change management board?
- A. Reviewing configuration of the documents
- B. Providing recommendations for the changes
- C. Approving system baseline configurations
- D. Reviewing log files for unapproved changes
Answer: C
NEW QUESTION # 61
What is the list displaying?
- A. Missing patches from a patching server
- B. Unauthorized programs detected in a software inventory
- C. Installed software on an end-user device
- D. Allowed program in a software inventory application
Answer: D
NEW QUESTION # 62
What documentation should be gathered and reviewed for evaluating an Incident Response program?
- A. NIST Cybersecurity Framework
- B. Policy and Procedures
- C. Staff member interviews
- D. Results from security training assessments
Answer: B
NEW QUESTION # 63
Which of the following actions produced the output seen below?
- A. An access rule was removed from firewallrules2.txt
- B. An access rule was removed from firewallrules.txt
- C. An access rule was added to firewallrules2.txt
- D. An access rule was added to firewallrules.txt
Answer: C
NEW QUESTION # 64
Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls, she has a dedicated host (kenya-adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenya-adminbox?
- A. 10.10.10.33.443
- B. 10.10.245.3389
- C. Mail.jane.org.25
- D. Firewall_charon.jane.org.22
Answer: C
NEW QUESTION # 65
John is a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network. Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?
- A. Increase the size of the DHCP pool
- B. Shorten the DHCP lease time
- C. Limit access to allowed MAC addresses
- D. Change the password immediately
Answer: D
NEW QUESTION # 66
IDS alerts at Service Industries are received by email. On a typical day, over 300 emails are processed, with fewer than 50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts. What should be done to prevent this from recurring?
- A. Configure the IDS alerts to only alert on high priority systems.
- B. Change the alert method from email to text message.
- C. Increase the number of staff responsible for processing IDS alerts.
- D. Tune the IDS rules to decrease false positives.
Answer: D
The GCCC certification exam is offered by the Global Information Assurance Certification (GIAC), a leading provider of information security certifications. The GCCC exam consists of 115 multiple-choice questions and must be completed within three hours. The passing score for the exam is 73%, and the certification is valid for four years.
