GCCC Sample Questions Answers

Charging a smartphone using a computer USB port

Editing webpages with a Linux system

Reading email using a plain text email client

Online banking in Incognito mode

The host located at 192.168.177.7 is no longer on the network

The host with MAC Address D8:50:E6:9F:EE:60 is no longer on the network

The host located at 192.168.177.21 is a new host on the network

The host with MAC Address D8:50:E6:9F:EE:60 had an IP address change

A network vulnerability scan using aggressive scanning

A source code scan

A port scan using banner grabbing

A web application/database scan

A vulnerability scan using valid credentials

Log management system

802.1x authentication systems

Data classification and access baselines

PII data scanner

Brute-force password attacks could be more effective.

Legitimate users could be unable to access resources.

Password length and complexity will be automatically reduced.

Once accounts are locked, they cannot be unlocked.

Limit access to allowed MAC addresses

Increase the size of the DHCP pool

Change the password immediately

Shorten the DHCP lease time

Starbucks

Linksys

Hhonors

Interwebz

Technical, administrative, and policy controls based on research provided by the SANS Institute

Technical controls designed to provide protection from the most damaging attacks based on current threat data

Technical controls designed to augment the NIST 800 series

Technical, administrative, and policy controls based on current regulations and security best practices

access-list outbound permit tcp host 10.1.1.7 any eq smtp

access-list outbound deny tcp any host 74.125.228.2 eq www

access-list inbound permit tcp 8.8.0.0 0.0.0.255 10.10.12.252 eq 8080

access-list inbound permit tcp host 8.8.207.97 host 10.10.12.100 eq ssh

Sender Policy Framework

DNS Security Extensions

Public-Key Cryptography

Simple Mail Transfer Protocol

FIPS 140-2

Code Red

Heartbleed

EICAR

Uninstall the application providing the service

Turn the service off in the host configuration files

Block the protocol for the unneeded service at the firewall

Create an access list on the router to filter traffic to the host

An access rule was removed from firewallrules.txt

An access rule was added to firewallrules2.txt

An access rule was added to firewallrules.txt

An access rule was removed from firewallrules2.txt

Verify that the backup media cannot be read without the encryption key

Check the backup logs from the critical servers and verify there are no errors

Select a random file from a critical server and verify it is present in a backup set

Restore the critical server data from backup and see if data is missing

A new connection request from the Internet is sent to a host on the company ’s internal net work

A packet originating from the company’s DMZ is sent to a host on the company’s internal network

A new connection request from the internet is sent to the company’s DNS server

A packet originating from the company’s internal network is sent to the company’s DNS server

Reports can be sent to the CIO for performance benchmarks

Results can be provided to network engineers as actionable feedback

Scanners can correct network configurations issues

Results can be included in audit evidence failures

Controlled Access Based on the Need to Know

Controlled Use of Administrative Privilege

Limitation and Control of Network Ports, Protocols and Services

Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers

Inventory and Control of Hardware Assets

Host-based firewall sends alerts when packets are sent to a closed port

Network Intrusion Prevention sends alerts when RST packets are received

Network Intrusion Detection devices sends alerts when signatures are updated

Host-based anti-virus sends alerts to a central security console

A service closes a port after a period of inactivity

A service relies on the port to select the protocol

A service sets limits on the volume of traffic sent through the port

A service opens the port and listens for network traffic

To determine device behavior in a DoS condition.

To determine bandwidth needs for the network.

To determine the connectivity of the network

To determine the security configurations of the network

Software Whitelisting System

System Configuration Enforcement System

Patch Management System

Penetration Testing System

A schedule for creating and storing backup

A phone tree used to contact necessary personnel

A script used to verify patches are installed on systems

An IPS rule that prevents web access from international locations

The blue team is adequately protecting the network

There are too many internal penetration tests being conducted

The methods the red team is using are not effectively testing the network

The red team is improving their capability to measure network security

Keep debugging code in production web applications for quick troubleshooting

Limit access to the web application production environment to just the developers

Run a dedicated vulnerability scanner against backend databases

Display system error messages for only non-kernel related events