Leads4pass > GIAC > GIAC Certifications > GCCC > GCCC Online Practice Questions and Answers

GCCC Online Practice Questions and Answers

Questions 4

Which of the following actions produced the output seen below?

A. An access rule was removed from firewallrules.txt

B. An access rule was added to firewallrules2.txt

C. An access rule was added to firewallrules.txt

D. An access rule was removed from firewallrules2.txt

Buy Now
Questions 5

John is implementing a commercial backup solution for his organization. Which of the following steps should be on the configuration checklist?

A. Enable encryption if it 's not enabled by default

B. Disable software-level encryption to increase speed of transfer

C. Develop a unique encryption scheme

Buy Now
Questions 6

Which type of scan is best able to determine if user workstations are missing any important patches?

A. A network vulnerability scan using aggressive scanning

B. A source code scan

C. A port scan using banner grabbing

D. A web application/database scan

E. A vulnerability scan using valid credentials

Buy Now
Questions 7

A need has been identified to organize and control access to different classifications of information stored on a fileserver. Which of the following approaches will meet this need?

A. Organize files according to the user that created them and allow the user to determine permissions

B. Divide the documents into confidential, internal, and public folders, and ser permissions on each folder

C. Set user roles by job or position, and create permission by role for each file

D. Divide the documents by department and set permissions on each departmental folder

Buy Now
Questions 8

Why is it important to enable event log storage on a system immediately after it is installed?

A. To allow system to be restored to a known good state if it is compromised

B. To create the ability to separate abnormal behavior from normal behavior during an incident

C. To compare it performance with other systems already on the network

D. To identify root kits included on the system out of the box

Buy Now
Questions 9

To effectively implement the Data Protection CIS Control, which task needs to be implemented first?

A. The organization's proprietary data needs to be encrypted

B. Employees need to be notified that proprietary data should be protected

C. The organization's proprietary data needs to be identified

D. Appropriate file content matching needs to be configured

Buy Now
Questions 10

Janice is auditing the perimeter of the network at Sugar Water InC. According to documentation, external SMTP traffic is only allowed to and from 10.10.10.25. Which of the following actions would demonstrate the rules are configured incorrectly?

A. Receive spam from a known bad domain

B. Receive mail at Sugar Water Inc. account using Outlook as a mail client

C. Successfully deliver mail from another host inside the network directly to an external contact

D. Successfully deliver mail from web client using another host inside the network to an external contact.

Buy Now
Questions 11

What is a zero-day attack?

A. An attack that has a known attack signature but no available patch

B. An attack that utilizes a vulnerability unknown to the software developer

C. An attack that deploys at the end of a countdown sequence

D. An attack that is launched the day the patch is released

Buy Now
Questions 12

The settings in the screenshot would be configured as part of which CIS Control?

A. Application Software Security

B. Inventory and Control of Hardware Assets

C. Account Monitoring and Control

D. Controlled Use of Administrative Privileges

Buy Now
Questions 13

Kenya is a system administrator for SANS. Per the recommendations of the CIS Controls she has a dedicated host (kenya- adminbox / 10.10.10.10) for any administrative tasks. She logs into the dedicated host with her domain admin credentials. Which of the following connections should not exist from kenyaadminbox?

A. 10.10.245.3389

B. Mail.jane.org.25

C. Firewall_charon.jane.org.22

D. 10.10.10.33.443

Buy Now
Exam Code: GCCC
Exam Name: GIAC Critical Controls Certification (GCCC)
Last Update: Jul 02, 2026
Questions: 93
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99