Free GIAC GCCC Practice Exam with Questions & Answers | Set: 2

Multi-Factor Authentication Standard

Network Traffic/Service Baseline

Network Device Configuration Baselines

Network Information Flow

Workstation on which a domain admin has never logged in

Windows host with an uptime of 382 days

Server that has zero browser plug-ins

Fully patched guest machine that is not in the asset inventory

SCAP

CIS Controls

NIST

ISO 2700

Only authorized software should be installed on the agency ’s c omput er s ys t ems

All software conforms to licensing requirements for the business

Accurate software versions are captured to enable patching

Accurate software versions and counts are documented for licensing updates

Check the log entries to match privilege use with access from authorized users.

Run a script at intervals to identify processes running with administrative privilege.

Force the root account to only be accessible from the system console.

Ngrep

CIS-CAT

Netscreen

Zenmap

Creating standard secure configurations for all devices

Scanning the devices for known vulnerabilities

Implementing IDS to detect attacks

Applying all known security patches

Configuring a firewall to only allow communication to whitelisted hosts and ports

Using Network access control to disable communication by hosts with viruses

Disabling autorun features on all workstations on the network

Training users to recognize potential phishing attempts

Software Whitelisting System

System Configuration Enforcement System

Patch Management System

Penetration Testing System

A new connection request from the Internet is sent to a host on the company ’s internal net work

A packet originating from the company’s DMZ is sent to a host on the company’s internal network

A new connection request from the internet is sent to the company’s DNS server

A packet originating from the company’s internal network is sent to the company’s DNS server