[2023年11月08日] 最新更新されたのはGCCC試験問題2023年更新 [Q31-Q54]

Share

[2023年11月08日] 最新更新されたのはGCCC試験問題2023年更新

無料更新されたGIAC GCCCテストエンジン問題には95問題と解答

質問 # 31
Which of the following is necessary for implementing and automating the Continuous Vulnerability Assessment and Remediation CIS Control?

  • A. System Configuration Enforcement System
  • B. Penetration Testing System
  • C. Patch Management System
  • D. Software Whitelisting System

正解:C


質問 # 32
Implementing which of the following will decrease spoofed e-mail messages?

  • A. Internet Message Access Protocol
  • B. Network Address Translation
  • C. Sender Policy Framework
  • D. Finger Protocol

正解:C


質問 # 33
Which of the following actions will assist an organization specifically with implementing web application software security?

  • A. Having a plan to scan vulnerabilities of an application prior to deployment
  • B. Establishing network activity baselines among public-facing servers
  • C. Providing end-user security training to both internal staff and vendors
  • D. Making sure that all hosts are patched during regularly scheduled maintenance

正解:A


質問 # 34
Which projects enumerates or maps security issues to CVE?

  • A. NIST
  • B. CIS Controls
  • C. SCAP
  • D. ISO 2700

正解:C


質問 # 35
Which of the following is a reliable way to test backed up data?

  • A. Confirm the backup service is running at the proper time
  • B. Restore the data to a system
  • C. Verify the file size of the backup
  • D. Compare data hashes of backed up data to original systems

正解:B


質問 # 36
John a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network. Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?

  • A. Shorten the DHCP lease time
  • B. Limit access to allowed MAC addresses
  • C. Change the password immediately
  • D. Increase the size of the DHCP pool

正解:C


質問 # 37
An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

  • A. Force user accounts to use 'sudo' f or privileged use.
  • B. Turn on SELinux and user process accounting for the MySQL server.
  • C. Blacklist client applications from being run in privileged mode.
  • D. Force the root account to only be accessible from the system console.

正解:A


質問 # 38
IDS alerts at Service Industries are received by email. A typical day process over 300 emails with fewer than
50 requiring action. A recent attack was successful and went unnoticed due to the number of generated alerts.
What should be done to prevent this from recurring?

  • A. Increase the number of staff responsible for processing IDS alerts.
  • B. Tune the IDS rules to decrease false positives.
  • C. Configure the IDS alerts to only alert on high priority systems.
  • D. Change the alert method from email to text message.

正解:B


質問 # 39
Which of the following is used to prevent spoofing of e-mail addresses?

  • A. Public-Key Cryptography
  • B. Sender Policy Framework
  • C. DNS Security Extensions
  • D. Simple Mail Transfer Protocol

正解:B


質問 # 40
What is the relationship between a service and its associated port?

  • A. A service opens the port and listens for network traffic
  • B. A service sets limits on the volume of traffic sent through the port
  • C. A service closes a port after a period of inactivity
  • D. A service relies on the port to select the protocol

正解:A


質問 # 41
After installing a software package on several workstations, an administrator discovered the software opened network port TCP 23456 on each workstation. The port is part of a software management function that is not needed on corporate workstations. Which actions would best protect the computers with the software package installed?

  • A. Redirect traffic to and from the software management port to a non-default port
  • B. Block TCP 23456 at the network perimeter firewall
  • C. Determine which service controls the software management function and opens the port, and disable it
  • D. Document the port number and request approval from a change control group

正解:C


質問 # 42
An organization is implementing a control for the Account Monitoring and Control CIS Control, and have set the Account Lockout Policy as shown below. What is the risk presented by these settings?

  • A. Once accounts are locked, they cannot be unlocked.
  • B. Legitimate users could be unable to access resources.
  • C. Password length and complexity will be automatically reduced.
  • D. Brute-force password attacks could be more effective.

正解:B


質問 # 43
Which of the following assigns a number indicating the severity of a discovered software vulnerability?

  • A. CPE
  • B. CVE
  • C. CVSS
  • D. CCE

正解:C


質問 # 44
Beta corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed. Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next steps?

  • A. Keep the files in the log archives synchronized with another location.
  • B. Store the files read-only and keep hashes of the logs separately.
  • C. Encrypt the log files with an asymmetric key and remove the cleartext version.
  • D. Install a tier one timeserver on the network to keep log devices synchronized.

正解:B


質問 # 45
An administrator looking at a web application's log file found login attempts by the same host over several seconds. Each user ID was attempted with three different passwords. The event took place over 5 seconds.
* ROOT
* TEST
* ADMIN
* SQL
* USER
* NAGIOSGUEST
What is the most likely source of this event?

  • A. An attempted Denial of Service attack by locking out administrative accounts
  • B. An attempt to use SQL Injection to gain information from a web-connected database
  • C. An automated tool that attempts to use a dictionary attack to infiltrate a website
  • D. An IT administrator attempting to use outdated credentials to enter the site

正解:C


質問 # 46
Which of the following should be measured and analyzed regularly when implementing the Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers CIS Control?

  • A. What percentage of systems in the organization are using Network Level Authentication (NLA)
  • B. What percentage of the organization's applications are using sandboxing products
  • C. How long does it take to identify new unauthorized listening ports on the network systems
  • D. What percentage of assets will have their settings enforced and redeployed
  • E. How long does it take to remove unauthorized software from the organization's systems

正解:D


質問 # 47
An organization has implemented a control for Controlled Use of Administrative Privilege. The control requires users to enter a password from their own user account before being allowed elevated privileges, and that no client applications (e.g. web browsers, e-mail clients) can be run with elevated privileges. Which of the following actions will validate this control is implemented properly?

  • A. Run a script at intervals to identify processes running with administrative privilege.
  • B. Check the log entries to match privilege use with access from authorized users.
  • C. Force the root account to only be accessible from the system console.

正解:A


質問 # 48
What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?

  • A. Use case diagram
  • B. Class diagram
  • C. Deployment diagram
  • D. Package diagram

正解:D


質問 # 49
Which of the following should be used to test antivirus software?

  • A. FIPS 140-2
  • B. EICAR
  • C. Code Red
  • D. Heartbleed

正解:B


質問 # 50
Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?

  • A. Network Device Configuration Baselines
  • B. Multi-Factor Authentication Standard
  • C. Network Information Flow
  • D. Network Traffic/Service Baseline

正解:C


質問 # 51
DHCP logging output in the screenshot would be used for which of the following?

  • A. Providing ping sweep results to identify live network hosts for vulnerability scanning.
  • B. Enforcing port-based network access control to prevent unauthorized devices on the network.
  • C. Detecting malicious activity by compromised or unauthorized devices on the network.
  • D. Identifying new connections to maintain an up-to-date inventory of devices on the network.

正解:D


質問 # 52
When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?

  • A. PII data scanner
  • B. Data classification and access baselines
  • C. Log management system
  • D. 802.1x authentication systems

正解:D


質問 # 53
Which of the following is a benefit of stress-testing a network?

  • A. To determine the security configurations of the network
  • B. To determine the connectivity of the network
  • C. To determine device behavior in a DoS condition.
  • D. To determine bandwidth needs for the network.

正解:C


質問 # 54
......

100%の合格率を試そう!更新されたのはGCCC試験問題 [2023年更新]:https://jp.fast2test.com/GCCC-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어