GIAC Critical Controls Certification (GCCC)

Question 1

What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?

A. Package diagram

B. Class diagram

C. Deployment diagram

D. Use case diagram

Correct Answer: A

Question 2

Allied services have recently purchased NAC devices to detect and prevent non-company owned devices from attaching to their internal wired and wireless network. Corporate devices will be automatically added to the approved device list by querying Active Directory for domain devices. Non-approved devices will be placed on a protected VLAN with no network access. The NAC also offers a web portal that can be integrated with Active Directory to allow for employee device registration which will not be utilized in this deployment.
Which of the following recommendations would make NAC installation more secure?

A. Enforce company configuration standards for personal mobile devices

B. Configure Active Directory to push an updated inventory to the NAC daily

C. Change the wireless password following the NAC implementation

D. Disable the web portal device registration service

Correct Answer: D

Question 3

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

A. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

B. Controlled Access Based on the Need to Know

C. Email and Web Browser Protections

D. Limitation and Control of Network Ports, Protocols and Services

Correct Answer: C

Question 4

An auditor is focusing on potential vulnerabilities. Which of the following should cause an alert?

A. Fully patched guest machine that is not in the asset inventory

B. Windows host with an uptime of 382 days

C. Workstation on which a domain admin has never logged in

D. Server that has zero browser plug-ins

Correct Answer: B

Question 5

Janice is auditing the perimeter of the network at Sugar Water InC. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?

A. Receive mail at Sugar Water Inc. account using Outlook as a mail client

B. Receive spam from a known bad domain

C. Successfully deliver mail from web client using another host inside the network to an external contact.

D. Successfully deliver mail from another host inside the network directly to an external contact

Correct Answer: D

Question 6

Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?

A. Software Whitelisting System

B. Patch Management System

C. Penetration Testing System

D. System Configuration Enforcement System

Correct Answer: B

Question 7

Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?

A. Procedure for adjusting network share permissions

B. Procedure for authorizing remote server access

C. Procedure for setting and resetting user passwords

D. Procedure for modifying file permissions

Correct Answer: C

Question 8

An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control. Which action should they take when they discover that an application running on a web server is no longer needed?

A. Uninstall the application providing the service

B. Create an access list on the router to filter traffic to the host

C. Block the protocol for the unneeded service at the firewall

D. Turn the service off in the host configuration files

Correct Answer: A

Question 9

An organization has implemented a control for penetration testing and red team exercises conducted on their network. They have compiled metrics showing the success of the penetration testing (Penetration Tests), as well as the number of actual adversary attacks they have sustained (External Attacks). Assess the metrics below and determine the appropriate interpretation with respect to this control.

A. The red team is improving their capability to measure network security

B. The methods the red team is using are not effectively testing the network

C. The blue team is adequately protecting the network

D. There are too many internal penetration tests being conducted

Correct Answer: B

Question 10

What is the first step suggested before implementing any single CIS Control?

A. Develop an effectiveness test

B. Perform a gap analysis

C. Perform a vulnerability scan

D. Develop a roll-out schedule

Correct Answer: B

GIAC Critical Controls Certification (GCCC) - GCCC Exam Practice Test

Latest Update

Useful Links

Contact Us