GIAC Exam GCCC Topic 1 Question 62 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 62
Topic #: 1

[All GCCC Questions]

An organization has implemented a policy to detect and remove malicious software from its network. Which of the following actions is focused on correcting rather than preventing attack?

AConfiguring a firewall to only allow communication to whitelisted hosts and ports

BUsing Network access control to disable communication by hosts with viruses

CDisabling autorun features on all workstations on the network

DTraining users to recognize potential phishing attempts

Show Suggested Answer

Suggested Answer: D

by Justa at Oct 22, 2024, 04:59 AM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ezekiel

3 months ago

Haha, I'm just imagining all the users trying to outrun their own computers to disable the autorun features. Option C seems a bit overkill.

upvoted 0 times

...

Tawna

3 months ago

I agree with Theodora. Option B is the best answer since it's directly addressing the issue of removing malicious software, not just preventing it.

upvoted 0 times

Sabra

2 months ago

Yes, disabling communication by hosts with viruses is a corrective action.

upvoted 0 times

...

Rochell

2 months ago

I agree, option B focuses on removing malicious software.

upvoted 0 times

...

Nobuko

2 months ago

I think option B is the correct answer.

upvoted 0 times

...

Wilda

4 months ago

Hmm, I'm not so sure. Option D about training users to spot phishing seems like a good preventative measure to me.

upvoted 0 times

Tran

3 months ago

User 2: But disabling autorun features is focused on correcting the issue after it has occurred.

upvoted 0 times

...

Annita

3 months ago

User 1: I think option D is more about prevention than correction.

upvoted 0 times

...

Theodora

4 months ago

Option B seems like the right choice here, as it's focused on stopping infected hosts from communicating and spreading the malware further.

upvoted 0 times

...

Mammie

4 months ago

But training users to recognize phishing attempts can also help correct the attack after it happens.

upvoted 0 times

...

Dusti

4 months ago

I agree with Zona, disabling autorun features is a reactive measure.

upvoted 0 times

...

Zona

4 months ago

I think option C is focused on correcting the attack.

upvoted 0 times

...