GIAC Critical Controls Certification (GCCC) (GCCC) Free Practice Test

Question 1

What is a zero-day attack?

A. An attack that is launched the day the patch is released

B. An attack that has a known attack signature but no available patch

C. An attack that utilizes a vulnerability unknown to the software developer

D. An attack that deploys at the end of a countdown sequence

Correct Answer: C

Question 2

An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?

A. Force the root account to only be accessible from the system console.

B. Run a script at intervals to identify processes running with administrative privilege.

C. Check the log entries to match privilege use with access from authorized users.

Correct Answer: B

Question 3

Which of the following is necessary to automate a control for Inventory and Control of Hardware Assets?

A. A centralized time server

B. An up-to-date hardening guide

C. A method of device scanning

D. An inventory of unauthorized assets

Correct Answer: C

Question 4

Which of the following is used to prevent spoofing of e-mail addresses?

A. Public-Key Cryptography

B. Simple Mail Transfer Protocol

C. DNS Security Extensions

D. Sender Policy Framework

Correct Answer: D

Question 5

As part of a scheduled network discovery scan, what function should the automated scanning tool perform?

A. Automatically close ports and services not included in the current baseline

B. Alert the incident response team on ports and services added since the last scan

C. Uninstall listening services that have not been used since the last scheduled scan

D. Compare discovered ports and services to a known baseline to report deviations

Correct Answer: D

Question 6

Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

A. How long does it take to identify new unauthorized listening ports on the network systems

B. What percentage of the organization's applications are using sandboxing products

C. How long does it take to remove unauthorized software from the organization's systems

D. What percentage of assets will have their settings enforced and redeployed

E. What percentage of systems in the organization are using Network Level Authentication (NLA)

Correct Answer: D

Question 7

Why is it important to enable event log storage on a system immediately after it is installed?

A. To compare it performance with other systems already on the network

B. To identify root kits included on the system out of the box

C. To allow system to be restored to a known good state if it is compromised

D. To create the ability to separate abnormal behavior from normal behavior during an incident

Correct Answer: D

Question 8

What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?

A. Class diagram

B. Deployment diagram

C. Use case diagram

D. Package diagram

Correct Answer: D

Question 9

During a security audit which test should result in a source packet failing to reach its intended destination?

A. A new connection request from the internet is sent to the company's DNS server

B. A new connection request from the Internet is sent to a host on the company 's internal net work

C. A packet originating from the company's DMZ is sent to a host on the company's internal network

D. A packet originating from the company's internal network is sent to the company's DNS server

Correct Answer: B

Question 10

What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?

A. Ngrep

B. CIS-CAT

C. Zenmap

D. Netscreen

Correct Answer: C

Welcome to TestSimulate

GIAC Critical Controls Certification (GCCC) (GCCC) Free Practice Test