Online Access Free GIAC.GCCC.v2022-06-01.q34 Practice Test (Page 4)

GCCC Exam Question 11

Which of the following baselines is considered necessary to implement the Boundary Defense CIS Control?

A.Network Device Configuration Baselines

B.Network Traffic/Service Baseline

C.Multi-Factor Authentication Standard

D.Network Information Flow

GCCC Exam Question 12

An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

A.Force the root account to only be accessible from the system console.

B.Force user accounts to use 'sudo' f or privileged use.

C.Turn on SELinux and user process accounting for the MySQL server.

D.Blacklist client applications from being run in privileged mode.

GCCC Exam Question 13

An auditor is validating the policies and procedures for an organization with respect to a control for Data Recovery. The organization's control states they will completely back up critical servers weekly, with incremental backups every four hours. Which action will best verify success of the policy?

A.Select a random file from a critical server and verify it is present in a backup set

B.Check the backup logs from the critical servers and verify there are no errors

C.Verify that the backup media cannot be read without the encryption key

D.Restore the critical server data from backup and see if data is missing

GCCC Exam Question 14

An organization is implementing an application software security control their custom-written code that provides web-based database access to sales partners. Which action will help mitigate the risk of the application being compromised?

A.Identifying high-risk assets that are on the same network as the web application server

B.Logging the connection requests to the web application server from outside hosts

C.Creating signatures for their IDS to detect attacks specific to their web application

D.Providing the source code for their web application to existing sales partners

GCCC Exam Question 15

An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?

A.Try to access the internal network from the wireless router

B.Check for packets going from the Internet to the Web server

C.Try to send email from a wireless guest account

D.Check for packages going from the web server to the user workstations

Other Version: 34GIAC.Itcertmagic.GCCC.v2022-05-25.by.john.34q.pdf; 778GIAC.GCCC.v2021-09-02.q34; 111GIAC.Examcollectionpass.GCCC.v2021-08-30.by.harvey.34q.pdf

Latest Upload: 124HP.HPE6-A85.v2025-10-09.q102; 113Oracle.1Z0-1161-1.v2025-10-09.q18; 130Cisco.350-601.v2025-10-09.q638; 120SAP.C_BCBDC_2505.v2025-10-08.q34; 139GAQM.Databricks-Certified-Data-Engineer-Associate.v2025-10-08.q106; 130WGU.Scripting-and-Programming-Foundations.v2025-10-08.q82; 126PRINCE2.PRINCE2Foundation.v2025-10-07.q143; 133Cisco.300-425.v2025-10-07.q109; 109Cisco.200-901.v2025-10-07.q300; 123VMware.3V0-32.23.v2025-10-07.q93

GCCC Exam Question 11

GCCC Exam Question 12

GCCC Exam Question 13

GCCC Exam Question 14

GCCC Exam Question 15

Download PDF File