Question No 1

An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

Choose the Choices:

Configuring a firewall to only allow communication to whitelisted hosts and ports

Using Network access control to disable communication by hosts with viruses

Disabling autorun features on all workstations on the network

Training users to recognize potential phishing attempts

Question No 2

Beta corporation is doing a core evaluation of its centralized logging capabilities. The security staff suspects that the central server has several log files over the past few weeks that have had their contents changed. Given this concern, and the need to keep archived logs for log correction applications, what is the most appropriate next steps?

Choose the Choices:

Keep the files in the log archives synchronized with another location.

Store the files read - only and keep hashes of the logs separately.

Install a tier one timeserver on the network to keep log devices synchronized.

Encrypt the log files with an asymmetric key and remove the cleartext version.

Question No 3

Which projects enumerates or maps security issues to CVE?

Choose the Choices:

Question No 4

Which of the following archiving methods would maximize log integrity?

Choose the Choices:

Question No 5

Which of the following is a responsibility of a change management board?

Choose the Choices:

Practice GIAC GCCC Exam Questions

Question No 1

Question No 2

Question No 3

Question No 4

Question No 5

GCCC Exam Features

GCCC PDF Dumps