GIAC Exam GCCC Topic 1 Question 62 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 62
Topic #: 1

[All GCCC Questions]

An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

AConfiguring a firewall to only allow communication to whitelisted hosts and ports

BUsing Network access control to disable communication by hosts with viruses

CDisabling autorun features on all workstations on the network

DTraining users to recognize potential phishing attempts

Show Suggested Answer

Suggested Answer: D

by Justa at Oct 22, 2024, 04:59 AM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Wilda

10 hours ago

Hmm, I'm not so sure. Option D about training users to spot phishing seems like a good preventative measure to me.

upvoted 0 times

...

Theodora

6 days ago

Option B seems like the right choice here, as it's focused on stopping infected hosts from communicating and spreading the malware further.

upvoted 0 times

...

Mammie

6 days ago

But training users to recognize phishing attempts can also help correct the attack after it happens.

upvoted 0 times

...

Dusti

11 days ago

I agree with Zona, disabling autorun features is a reactive measure.

upvoted 0 times

...

Zona

13 days ago

I think option C is focused on correcting the attack.

upvoted 0 times

...