GIAC GCCC Exam - Topic 2 Question 85 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 85
Topic #: 2

[All GCCC Questions]

What is a recommended defense for the CIS Control for Application Software Security?

AKeep debugging code in production web applications for quick troubleshooting

BLimit access to the web application production environment to just the developers

CRun a dedicated vulnerability scanner against backend databases

DDisplay system error messages for only non-kernel related events

Show Suggested Answer

Suggested Answer: C

by Nikita at May 06, 2026, 04:21 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

4 days ago

I feel like displaying system error messages could lead to security risks, but I can't recall the exact details.

upvoted 0 times

...

9 days ago

I think I remember something about limiting access to production environments, but I'm not sure if it's the best option here.

upvoted 0 times

...