New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCCC Exam - Topic 5 Question 53 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 53
Topic #: 5
[All GCCC Questions]

An organization is implementing an application software security control their custom-written code that provides web---based database access to sales partners. Which action will help mitigate the risk of the application being compromised?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Micah at Jul 17, 2024, 11:04 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Desmond
3 months ago
Wow, I didn't realize sharing source code could be so risky!
upvoted 0 times
...
Alex
3 months ago
Logging requests sounds good, but is it enough?
upvoted 0 times
...
Argelia
3 months ago
Not sure why anyone would pick A, that's just asking for trouble!
upvoted 0 times
...
Felix
4 months ago
I think C is the best choice, signatures can really help.
upvoted 0 times
...
Martina
4 months ago
Option B is a smart move, knowing your high-risk assets is key.
upvoted 0 times
...
Therese
4 months ago
Logging connection requests sounds important for monitoring, but I’m not sure if it directly mitigates risk like the other options. Maybe option D is less effective?
upvoted 0 times
...
Gearldine
4 months ago
I feel like creating signatures for an IDS is a proactive measure, and it seems like option C could be a good way to detect specific threats.
upvoted 0 times
...
Delfina
4 months ago
I’m a bit unsure, but I think identifying high-risk assets could help in understanding the overall security posture. It might be option B?
upvoted 0 times
...
Jamie
5 months ago
I remember we discussed how sharing source code can actually increase risk, so I think option A is definitely not the right choice.
upvoted 0 times
...
Alline
5 months ago
This is a tricky one. I'm not sure if logging connection requests or identifying high-risk assets on the same network would be enough to mitigate the risk of the application being compromised. I'm going to go with creating custom IDS signatures to detect attacks specific to the web application.
upvoted 0 times
...
Linsey
5 months ago
I've seen questions like this before. The key is to focus on security controls that can help protect the application itself, rather than just the network or infrastructure. I think creating custom IDS signatures is the best option here.
upvoted 0 times
...
Irene
5 months ago
Okay, let's think this through. Providing the source code to partners seems like a bad idea, as that could increase the risk of the application being compromised. Logging connection requests could be helpful, but it doesn't directly address the risk. I'm leaning towards creating signatures for the IDS to detect attacks specific to the web application.
upvoted 0 times
...
Dusti
5 months ago
Hmm, I'm a bit unsure about this one. There are a few options that could help, but I'm not sure which one is the best approach.
upvoted 0 times
...
Man
5 months ago
This seems like a straightforward security question. I think the key is to focus on mitigating the risk of the application being compromised.
upvoted 0 times
...
Lindsey
5 months ago
The key here is understanding the different broker roles in Kafka. I'll make sure to read through the options carefully and select the three that best describe broker responsibilities.
upvoted 0 times
...
Matthew
2 years ago
I'd go with option C. Gotta love those custom IDS signatures - they're like the cybersecurity version of a secret handshake.
upvoted 0 times
Marjory
1 year ago
Logging connection requests is also important to monitor any suspicious activity from outside hosts.
upvoted 0 times
...
Loren
1 year ago
It's important to have a strong defense in place, especially when dealing with web-based database access.
upvoted 0 times
...
Maile
1 year ago
I agree, having signatures for their IDS tailored to their web application can provide better protection.
upvoted 0 times
...
Albina
1 year ago
Option C sounds like a good choice. Custom IDS signatures can definitely help detect specific attacks.
upvoted 0 times
...
...
France
2 years ago
I personally think option D is the way to go.
upvoted 0 times
...
Curtis
2 years ago
Sharing the source code with sales partners? Yeah, that's a great idea if they want to be the next target of a data breach. Hard pass on option A.
upvoted 0 times
...
Brandon
2 years ago
Option B is the right choice. Securing the high-risk assets on the same network is crucial to prevent the whole system from being compromised.
upvoted 0 times
Shanda
1 year ago
Logging the connection requests is also important to track any suspicious activity from outside hosts.
upvoted 0 times
...
Ashton
2 years ago
Agreed, securing those assets will help prevent any potential compromise of the system.
upvoted 0 times
...
Malcom
2 years ago
Option B is definitely the way to go. We need to protect those high-risk assets.
upvoted 0 times
...
...
Paris
2 years ago
I agree with Hailey, option C seems like the most logical choice.
upvoted 0 times
...
Daryl
2 years ago
I don't know, man. Logging connection requests from outside hosts seems like the easiest and most straightforward solution to me. Why overcomplicate things?
upvoted 0 times
...
Chantay
2 years ago
Option C is definitely the way to go. Creating custom IDS signatures is the best way to protect against targeted attacks on their web app.
upvoted 0 times
Carmen
2 years ago
User 2
upvoted 0 times
...
Joaquin
2 years ago
User 1
upvoted 0 times
...
...
Hailey
2 years ago
I disagree, I believe option C is more effective.
upvoted 0 times
...
Shawna
2 years ago
I think option B is the best choice.
upvoted 0 times
...

Save Cancel