GIAC GCCC Exam - Topic 2 Question 85 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 85
Topic #: 2

[All GCCC Questions]

What is a recommended defense for the CIS Control for Application Software Security?

AKeep debugging code in production web applications for quick troubleshooting

BLimit access to the web application production environment to just the developers

CRun a dedicated vulnerability scanner against backend databases

DDisplay system error messages for only non-kernel related events

Show Suggested Answer

Suggested Answer: C

by Nikita at May 06, 2026, 04:21 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Refugia

22 days ago

I practiced a similar question on vulnerability scanning, and I think running a scanner is important, but it might not be the main defense for application security.

upvoted 0 times

...

Jacquelyne

27 days ago

I feel like displaying system error messages could lead to security risks, but I can't recall the exact details.

upvoted 0 times

...

Christiane

1 month ago

I think I remember something about limiting access to production environments, but I'm not sure if it's the best option here.

upvoted 0 times

...