Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

GIAC GCCC Exam - Topic 2 Question 85 Discussion

What is a recommended defense for the CIS Control for Application Software Security?
C) Run a dedicated vulnerability scanner against backend databases
A) Keep debugging code in production web applications for quick troubleshooting
B) Limit access to the web application production environment to just the developers
D) Display system error messages for only non-kernel related events

GIAC GCCC Exam - Topic 2 Question 85 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 85
Topic #: 2
[All GCCC Questions]

What is a recommended defense for the CIS Control for Application Software Security?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

0/2000 characters
Annita
2 days ago
I disagree, A can lead to security risks if left in production.
upvoted 0 times
...
Donette
7 days ago
C is a solid choice! Vulnerability scanners are essential.
upvoted 0 times
...
Terina
12 days ago
I vaguely remember that keeping debugging code in production is a bad practice, but I can't remember why that would be relevant to this question.
upvoted 0 times
...
Refugia
2 months ago
I practiced a similar question on vulnerability scanning, and I think running a scanner is important, but it might not be the main defense for application security.
upvoted 0 times
...
Jacquelyne
2 months ago
I feel like displaying system error messages could lead to security risks, but I can't recall the exact details.
upvoted 0 times
...
Christiane
2 months ago
I think I remember something about limiting access to production environments, but I'm not sure if it's the best option here.
upvoted 0 times
...

Save Cancel