← Back to exam page

GCCC GIAC Critical Controls Certification (GCCC)

Loading demo links...

Showing 7–9 of 10 questions

Question 7

Which of the options below will do the most to reduce an organization’s attack surface on the internet?

Select an option, then click Submit answer.

  • Deploy an access control list on the perimeter router and limit inbound ICMP messages to echo requests only

  • Deploy antivirus software on internet-facing hosts, and ensure that the signatures are updated regularly

  • Ensure that rotation of duties is used with employees in order to compartmentalize the most important tasks

  • Ensure only necessary services are running on Internet-facing hosts, and that they are hardened according to best practices


Question 8

Which of the following actions would best mitigate against phishing attempts such as the example below?

Select an option, then click Submit answer.

  • Establishing email filters to block no-reply address emails

  • Making web filters to prevent accessing Google Docs

  • Having employee’s complete user awareness training

  • Recommending against the use of Google Docs


Question 9

Which of the following assigns a number indicating the severity of a discovered software vulnerability?

Select an option, then click Submit answer.

  • CPE

  • CVE

  • CCE

  • CVSS