Free GCCC Exam Dumps

Question 11

Which of the following archiving methods would maximize log integrity?

A. DVD-R
B. USB flash drive
C. Magnetic Tape
D. CD-RW

Correct Answer:A

Question 12

Acme Corporation is doing a core evaluation of its centralized logging capabilities. Which of the following scenarios indicates a failure in more than one CIS Control?

A. The loghost is missing logs from 3 servers in the inventory
B. The loghost is receiving logs from hosts with different timezone values
C. The loghost time is out-of-sync with an external host
D. The loghost is receiving out-of-sync logs from undocumented servers

Correct Answer:D

Question 13

What is a recommended defense for the CIS Control for Application Software Security?

A. Keep debugging code in production web applications for quick troubleshooting
B. Limit access to the web application production environment to just the developers
C. Run a dedicated vulnerability scanner against backend databases
D. Display system error messages for only non-kernel related events

Correct Answer:C

Question 14

Which of the following actions produced the output seen below?
GCCC dumps exhibit

A. An access rule was removed from firewallrules.txt
B. An access rule was added to firewallrules2.txt
C. An access rule was added to firewallrules.txt
D. An access rule was removed from firewallrules2.txt

Correct Answer:B

Question 15

A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.
Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator??s account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?

A. Maintenance, Monitoring, and Analysis of Audit Logs
B. Controlled Use of Administrative Privilege
C. Incident Response and Management
D. Account Monitoring and Control

Correct Answer:C