GCCC 시험 - GIAC실제시험문제와 답 - 93문항

Question No : 1

An organization wants to test its procedure for data recovery.
Which of the following will be most effective?

A.Verifying a file can be recovered from backup media
B.Verifying that backup process is running when it should
C.Verifying that network backups can’t be read in transit
D.Verifying there are no errors in the backup server logs

정답:

Question No : 2

What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

A.Control which devices can connect to the network
B.Passively identify new devices
C.Inventory offline databases
D.Actively identify new servers

정답:

Question No : 3

Which of the following assigns a number indicating the severity of a discovered software vulnerability?

A.CPE
B.CVE
C.CCE
D.CVSS

정답:

Question No : 4

What is the first step suggested before implementing any single CIS Control?

A.Develop an effectiveness test
B.Perform a gap analysis
C.Perform a vulnerability scan
D.Develop a roll-out schedule

정답:

Question No : 5

An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control.
Which action should they take when they discover that an application running on a web server is no longer needed?

A.Uninstall the application providing the service
B.Turn the service off in the host configuration files
C.Block the protocol for the unneeded service at the firewall
D.Create an access list on the router to filter traffic to the host

정답:

Question No : 6

John a network administrator at Northeast High School. Faculty have been complaining that although they can detect and authenticate to the faculty wireless network, they are unable to connect. While troubleshooting, John discovers that the wireless network server is out of DHCP addresses due to a large number of unauthorized student devices connecting to the network.
Which course of action would be an effective temporary stopgap to secure the network until a permanent solution can be found?

A.Limit access to allowed MAC addresses
B.Increase the size of the DHCP pool
C.Change the password immediately
D.Shorten the DHCP lease time

정답:

Question No : 7

Which of the following is a reliable way to test backed up data?

A.Verify the file size of the backup
B.Confirm the backup service is running at the proper time
C.Compare data hashes of backed up data to original systems
D.Restore the data to a system

정답:

Question No : 8

Which of the following is a benefit of stress-testing a network?

A.To determine device behavior in a DoS condition.
B.To determine bandwidth needs for the network.
C.To determine the connectivity of the network
D.To determine the security configurations of the network

정답:

Question No : 9

Beta corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed.
Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next steps?

A.Keep the files in the log archives synchronized with another location.
B.Store the files read-only and keep hashes of the logs separately.
C.Install a tier one timeserver on the network to keep log devices synchronized.
D.Encrypt the log files with an asymmetric key and remove the cleartext version.

정답:

Question No : 10

An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user.
What action can they take to rectify this?

A.Force the root account to only be accessible from the system console.
B.Turn on SELinux and user process accounting for the MySQL server.
C.Force user accounts to use ‘sudo’ f or privileged use.
D.Blacklist client applications from being run in privileged mode.

정답:

Question No : 11

An attacker is able to successfully access a web application as root using ‘ or 1 = 1 . as the password. The successful access indicates a failure of what process?

A.Input Validation
B.Output Sanitization
C.URL Encoding
D.Account Management

정답:

Question No : 12

Which of the following best describes the CIS Controls?

A.Technical, administrative, and policy controls based on research provided by the SANS Institute
B.Technical controls designed to provide protection from the most damaging attacks based on current threat data
C.Technical controls designed to augment the NIST 800 series
D.Technical, administrative, and policy controls based on current regulations and security best practices

정답:

Question No : 13

Which of the following should be used to test antivirus software?

A.FIPS 140-2
B.Code Red
C.Heartbleed
D.EICAR

정답:

Question No : 14

Based on the data shown below.

Which wireless access point has the manufacturer default settings still in place?

A.Starbucks
B.Linksys
C.Hhonors
D.Interwebz

정답:

Question No : 15

Below is a screenshot from a deployed next-generation firewall.
These configuration settings would be a defensive measure for which CIS Control?

A.Controlled Access Based on the Need to Know
B.Limitation and Control of Network Ports, Protocols and Services
C.Email and Web Browser Protections
D.Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

정답:

GIAC GCCC 시험