GCCC 試験問題を無料オンラインアクセス

Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

• A.Secure Configuration for Network Devices, such as Firewalls, Routers and Switches.
• B.Email and Web Browser Protections
• C.Controlled Access Based on the Need to Know
• D.Limitation and Control of Network Ports, Protocols and Services

Which of the following can be enabled on a Linux based system in order to make it more difficult for an attacker to execute malicious code after launching a buffer overflow attack?

• A.TCP Wrappers
• B.Tripwire
• C.ASLR
• D.SUID
• E.Iptables

An analyst investigated unused organizational accounts. The investigation found that:
-10% of accounts still have their initial login password, indicating they were never used
-10% of accounts have not been used in over six months
Which change in policy would mitigate the security risk associated with both findings?

• A.Users are required to change their password at the next login after three months
• B.Accounts must have passwords of at least 8 characters, with one number or symbol
• C.Accounts without login activity for 15 days are automatically locked

What could a security team use the command line tool Nmap for when implementing the Inventory and Control of Hardware Assets Control?

• A.Passively identify new devices
• B.Inventory offline databases
• C.Actively identify new servers
• D.Control which devices can connect to the network

Which of the following is a responsibility of a change management board?

• A.Approving system baseline configurations.
• B.Reviewing configuration of the documents
• C.Reviewing log files for unapproved changes
• D.Providing recommendations for the changes