GCCC GIAC Critical Controls Certification (GCCC) Questions and Answers

A new connection request from the Internet is sent to a host on the company ’s internal net work

A packet originating from the company’s DMZ is sent to a host on the company’s internal network

A new connection request from the internet is sent to the company’s DNS server

A packet originating from the company’s internal network is sent to the company’s DNS server

There had been a storm on September 27th that may have caused a power surge

The registry entry was modified on September 29th at 22:37

The attacker may have been able to access the systems due to missing KB2965111

The backup process may have failed at 2345 due to lack of available bandwidth

Package diagram

Deployment diagram

Class diagram

Use case diagram

Continuously

Annually

Monthly

At orientation and review times

Document a single vulnerability per system

Utilize a single attack vector at a time

Complete intrusive tests on test systems

Execute all tests during network maintenance windows

Charging a smartphone using a computer USB port

Editing webpages with a Linux system

Reading email using a plain text email client

Online banking in Incognito mode

Brute-force password attacks could be more effective.

Legitimate users could be unable to access resources.

Password length and complexity will be automatically reduced.

Once accounts are locked, they cannot be unlocked.

Multi-Factor Authentication Standard

Network Traffic/Service Baseline

Network Device Configuration Baselines

Network Information Flow

Sender Policy Framework

DNS Security Extensions

Public-Key Cryptography

Simple Mail Transfer Protocol

A service closes a port after a period of inactivity

A service relies on the port to select the protocol

A service sets limits on the volume of traffic sent through the port

A service opens the port and listens for network traffic