Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCCC Topic 4 Question 38 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 38
Topic #: 4
[All GCCC Questions]

What is a recommended defense for the CIS Control for Application Software Security?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Kimbery at Dec 12, 2023, 10:16 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jessenia
3 months ago
C is the clear winner here. Scanning the databases for vulnerabilities is a must-have for application security. Unless, of course, you want your data served up on a silver platter to hackers.
upvoted 0 times
...
Selma
3 months ago
A is so bad, it's almost comical. Leaving debugging code in production? That's like leaving the front door wide open and expecting no one to break in.
upvoted 0 times
Annelle
1 months ago
D) Display system error messages for only non-kernel related events
upvoted 0 times
...
Amber
1 months ago
C) Run a dedicated vulnerability scanner against backend databases
upvoted 0 times
...
Jaime
2 months ago
B) Limit access to the web application production environment to just the developers
upvoted 0 times
...
...
Timothy
3 months ago
I'm going with D. Showing error messages for non-kernel events will give attackers a lot of juicy information to work with. Wait, is that a trick question?
upvoted 0 times
...
Geoffrey
3 months ago
B sounds tempting, but limiting access to just developers isn't enough. We need to secure the application itself, which is why C is the way to go.
upvoted 0 times
Ramonita
2 months ago
Running a dedicated vulnerability scanner against backend databases is the way to go.
upvoted 0 times
...
Laura
2 months ago
I agree, we need to secure the application itself.
upvoted 0 times
...
Magdalene
2 months ago
B sounds tempting, but limiting access to just developers isn't enough.
upvoted 0 times
...
...
Rikki
4 months ago
I think running a dedicated vulnerability scanner against backend databases could also help in securing the application software.
upvoted 0 times
...
Hubert
4 months ago
Definitely not A. Keeping debugging code in production is a big no-no for security. The correct answer has to be C - running a vulnerability scanner on the backend databases.
upvoted 0 times
Luz
3 months ago
Yes, C - running a dedicated vulnerability scanner against backend databases is the correct answer.
upvoted 0 times
...
Luz
3 months ago
I agree, A is definitely not the recommended defense for application software security.
upvoted 0 times
...
Jarod
3 months ago
Yes, C - running a dedicated vulnerability scanner against backend databases is the correct answer.
upvoted 0 times
...
Jarod
3 months ago
I agree, A is definitely not the recommended defense for application software security.
upvoted 0 times
...
...
Omer
4 months ago
I agree with Omega. It's important to restrict access to prevent unauthorized changes.
upvoted 0 times
...
Omega
4 months ago
I think the recommended defense is to limit access to the web application production environment to just the developers.
upvoted 0 times
...

Save Cancel