GCCC Online Practice Questions and Answers

Which approach is recommended by the CIS Controls for performing penetration tests?

A. Document a single vulnerability per system

B. Utilize a single attack vector at a time

C. Complete intrusive tests on test systems

D. Execute all tests during network maintenance windows

An organization has installed a firewall for Boundary Defense. It allows only outbound traffic from internal workstations for web and SSH, allows connections from the internet to the DMZ, and allows guest wireless access to the internet only. How can an auditor validate these rules?

A. Check for packets going from the Internet to the Web server

B. Try to send email from a wireless guest account

C. Check for packages going from the web server to the user workstations

D. Try to access the internal network from the wireless router

When evaluating the Wireless Access Control CIS Control, which of the following systems needs to be tested?

A. Log management system

B. 802.1x authentication systems

C. Data classification and access baselines

D. PII data scanner

What type of Unified Modelling Language (UML) diagram is used to show dependencies between logical groupings in a system?

A. Package diagram

B. Deployment diagram

C. Class diagram

D. Use case diagram

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

A. Controlled Access Based on the Need to Know

B. Limitation and Control of Network Ports, Protocols and Services

C. Email and Web Browser Protections

D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.

Review the below results of an audit on a server. Based on these results, which document would you recommend be reviewed for training or updates?

A. Procedure for authorizing remote server access

B. Procedure for modifying file permissions

C. Procedure for adjusting network share permissions

D. Procedure for setting and resetting user passwords

Which of the following should be used to test antivirus software?

A. FIPS 140-2

B. Code Red

C. Heartbleed

D. EICAR

An organization has implemented a control for Controlled Use of Administrative Privileges. They are collecting audit data for each login, logout, and location for the root account of their MySQL server, but they are unable to attribute each of these logins to a specific user. What action can they take to rectify this?

A. Force the root account to only be accessible from the system console.

B. Turn on SELinux and user process accounting for the MySQL server.

C. Force user accounts to use `sudo' f or privileged use.

D. Blacklist client applications from being run in privileged mode.