GIAC GCCC Exam - Topic 4 Question 27 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 27
Topic #: 4

[All GCCC Questions]

During a security audit which test should result in a source packet failing to reach its intended destination?

AA new connection request from the Internet is sent to a host on the company 's internal net work

BA packet originating from the company's DMZ is sent to a host on the company's internal network

CA new connection request from the internet is sent to the company's DNS server

DA packet originating from the company's internal network is sent to the company's DNS server

Show Suggested Answer

Suggested Answer: A

by Louisa at May 05, 2022, 03:04 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Timothy

4 months ago

I thought internal packets were always safe.

upvoted 0 times

...

Alpha

4 months ago

C makes sense too, DNS should be protected.

upvoted 0 times

...

Ronna

4 months ago

Wait, why would a DMZ packet not reach internal? Sounds off.

upvoted 0 times

...

Cordelia

4 months ago

Totally agree, that's a security risk!

upvoted 0 times

...

Sonia

5 months ago

A new connection from the Internet should definitely fail.

upvoted 0 times

...

Oren

5 months ago

I’m confused about option C. Isn’t a DNS server supposed to handle requests from the internet? I feel like that one could go either way.

upvoted 0 times

...

Aretha

5 months ago

I remember a practice question about DMZ traffic, so I’m leaning towards option B. That one seems risky for internal networks.

upvoted 0 times

...

Rosio

5 months ago

I think it might be option A, but I'm not entirely sure if that would definitely fail. It seems like it should be blocked, though.

upvoted 0 times

...

Muriel

5 months ago

I’m pretty confident that option D is safe since it’s internal traffic. I don’t think that would fail the test.

upvoted 0 times

...

Fanny

5 months ago

Hmm, this looks like a tricky one. I think I'll start by reviewing the CSRF token implementation and see if I can identify any gaps or areas for improvement.

upvoted 0 times

...

Lea

5 months ago

This question seems straightforward, I think I can handle it.

upvoted 0 times

...

Tegan

5 months ago

I'm a bit unsure here. Should I just commit the update directly or do I need to create a branch first?

upvoted 0 times

...