Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCCC Topic 5 Question 59 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 59
Topic #: 5
[All GCCC Questions]

An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Leeann at Sep 15, 2024, 02:44 AM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Corrie
1 months ago
Gotta love it when the 'experts' leave the database wide open for the bad guys. D all the way!
upvoted 0 times
Cortney
19 days ago
B) Install host integrity monitoring software
upvoted 0 times
...
Tarra
21 days ago
A) Configure the DMZ firewall to block unnecessary service
upvoted 0 times
...
...
Virgina
2 months ago
Hah, I bet the IT team is kicking themselves for not setting the database to run with lower privileges. Rookie mistake!
upvoted 0 times
Corrie
4 days ago
D) Configure the database to run with lower privileges
upvoted 0 times
...
Ria
5 days ago
B) Install host integrity monitoring software
upvoted 0 times
...
Xenia
17 days ago
A) Configure the DMZ firewall to block unnecessary service
upvoted 0 times
...
...
Berry
2 months ago
I'm going with D as well. Running the database with lower privileges is a critical security practice that could have stopped this attack in its tracks.
upvoted 0 times
Delisa
17 days ago
C) Install updated anti-virus software
upvoted 0 times
...
Erasmo
20 days ago
B) Install host integrity monitoring software
upvoted 0 times
...
Shala
28 days ago
A) Configure the DMZ firewall to block unnecessary service
upvoted 0 times
...
...
Dong
2 months ago
A) Configuring the DMZ firewall is a good idea, but it wouldn't have prevented the initial root-level access. We need to focus on the database itself.
upvoted 0 times
Jules
1 months ago
A) Configuring the DMZ firewall is a good idea, but it wouldn't have prevented the initial root-level access. We need to focus on the database itself.
upvoted 0 times
...
Toshia
1 months ago
D) Configuring the database to run with lower privileges would have limited the intruder's access and prevented root-level access.
upvoted 0 times
...
Mitsue
1 months ago
B) Installing host integrity monitoring software could have detected the unauthorized access and prevented further exploitation.
upvoted 0 times
...
...
Junita
2 months ago
But wouldn't installing host integrity monitoring software also help in detecting and preventing such attacks?
upvoted 0 times
...
Audria
2 months ago
I agree with Keshia, that would have prevented the intruder from gaining root-level access.
upvoted 0 times
...
Alex
2 months ago
D) Configure the database to run with lower privileges seems like the best option here. Limiting the access rights of the database can really help contain the damage from such an exploit.
upvoted 0 times
Ryan
24 days ago
D) Configure the database to run with lower privileges
upvoted 0 times
...
Ashton
1 months ago
C) Install updated anti-virus software
upvoted 0 times
...
Johnetta
1 months ago
B) Install host integrity monitoring software
upvoted 0 times
...
Lizette
2 months ago
A) Configure the DMZ firewall to block unnecessary service
upvoted 0 times
...
Reita
2 months ago
User 2
upvoted 0 times
...
Hollis
2 months ago
User 1
upvoted 0 times
...
...
Keshia
3 months ago
We should have configured the DMZ firewall to block unnecessary services.
upvoted 0 times
...

Save Cancel