Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > GIAC > GIAC Certifications > GCCC > GCCC Online Practice Questions and Answers

GCCC Online Practice Questions and Answers

Questions 4

Which of the following statements is appropriate in an incident response report?

A. There had been a storm on September 27th that may have caused a power surge

B. The registry entry was modified on September 29th at 22:37

C. The attacker may have been able to access the systems due to missing KB2965111

D. The backup process may have failed at 2345 due to lack of available bandwidth

Buy Now

Correct Answer: B

Questions 5

What is an organization's goal in deploying a policy to encrypt all mobile devices?

A. Enabling best practices for the protection of their software licenses

B. Providing their employees, a secure method of connecting to the corporate network

C. Controlling unauthorized access to sensitive information

D. Applying the principle of defense in depth to their mobile devices

Buy Now

Correct Answer: C

Questions 6

Implementing which of the following will decrease spoofed e-mail messages?

A. Finger Protocol

B. Sender Policy Framework

C. Network Address Translation

D. Internet Message Access Protocol

Buy Now

Correct Answer: B

Questions 7

Which projects enumerates or maps security issues to CVE?

A. SCAP

B. CIS Controls

C. NIST

D. ISO 2700

Buy Now

Correct Answer: A

Questions 8

An organization is implementing a control for the Limitation and Control of Network Ports, Protocols, and Services CIS Control. Which action should they take when they discover that an application running on a web server is no longer needed?

A. Uninstall the application providing the service

B. Turn the service off in the host configuration files

C. Block the protocol for the unneeded service at the firewall

D. Create an access list on the router to filter traffic to the host

Buy Now

Correct Answer: A

Questions 9

As part of an effort to implement a control on E-mail and Web Protections, an organization is monitoring their webserver traffic. Which event should they receive an alert on?

A. The number of website hits is higher that the daily average

B. The logfiles of the webserver are rotated and archived

C. The website does not respond to a SYN packet for 30 minutes

D. The website issues a RST to a client after the connection is idle

Buy Now

Correct Answer: C

Questions 10

What documentation should be gathered and reviewed for evaluating an Incident Response program?

A. Staff member interviews

B. NIST Cybersecurity Framework

C. Policy and Procedures

D. Results from security training assessments

Buy Now

Correct Answer: C

Questions 11

Janice is auditing the perimeter of the network at Sugar Water InC. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?

A. Receive spam from a known bad domain

B. Receive mail at Sugar Water Inc. account using Outlook as a mail client

C. Successfully deliver mail from another host inside the network directly to an external contact

D. Successfully deliver mail from web client using another host inside the network to an external contact.

Buy Now

Correct Answer: C

Questions 12

Dragonfly Industries requires firewall rules to go through a change management system before they are configured. Review the change management log. Which of the following lines in your firewall ruleset has expired and should be removed from the configuration?

A. access-list outbound permit tcp host 10.1.1.7 any eq smtp

B. access-list outbound deny tcp any host 74.125.228.2 eq www

C. access-list inbound permit tcp 8.8.0.0 0.0.0.255 10.10.12.252 eq 8080

D. access-list inbound permit tcp host 8.8.207.97 host 10.10.12.100 eq ssh

Buy Now

Correct Answer: D

Questions 13

Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls she has a dedicated host (kenya- adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenyaadminbox?

A. 10.10.245.3389

B. Mail.jane.org.25

C. Firewall_charon.jane.org.22

D. 10.10.10.33.443

Buy Now

Correct Answer: B

Exam Code: GCCC
Exam Name: GIAC Critical Controls Certification (GCCC)
Last Update: Jul 06, 2026
Questions: 93

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.