GIAC Exam GCCC Topic 1 Question 57 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 57
Topic #: 1

[All GCCC Questions]

Executive management approved the storage of sensitive data on smartphones and tablets as long as they were encrypted. Later a vulnerability was announced at an information security conference that allowed attackers to bypass the device's authentication process, making the data accessible. The smartphone manufacturer said it would take six months for the vulnerability to be fixed and distributed through the cellular carriers. Four months after the vulnerability was announced, an employee lost his tablet and the sensitive information became public.

What was the failure that led to the information being lost?

AThere was no risk acceptance review after the risk changed

BThe employees failed to maintain their devices at the most current software version

CVulnerability scans were not done to identify the devices that we at risk

DManagement had not insured against the possibility of the information being lost

Show Suggested Answer

Suggested Answer: A

by Miriam at Sep 14, 2024, 09:22 PM

Limited Time Offer

25%

16 days ago

I think the failure was that employees failed to maintain their devices at the most current software version.

upvoted 0 times

...