GIAC GCCC Exam - Topic 5 Question 59 Discussion

Actual exam question for GIAC's GCCC exam

Question #: 59
Topic #: 5

An Internet retailer's database was recently exploited by a foreign criminal organization via a remote attack. The initial exploit resulted in immediate root-level access. What could have been done to prevent this level of access being given to the intruder upon successful exploitation?

AConfigure the DMZ firewall to block unnecessary service

BInstall host integrity monitoring software

CInstall updated anti-virus software

DConfigure the database to run with lower privileges

Show Suggested Answer

Suggested Answer: C

by Leeann at Sep 15, 2024, 02:44 AM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Georgeanna

6 months ago

Blocking unnecessary services is crucial too!

upvoted 0 times

...

Brice

6 months ago

Wait, how did they even get root access in the first place?

upvoted 0 times

...

William

6 months ago

I thought anti-virus was enough, but maybe not?

upvoted 0 times

...

Jame

7 months ago

Totally agree, D is the way to go.

upvoted 0 times

...

Cherri

7 months ago

Lowering database privileges is a must!

upvoted 0 times

...

Eleonore

7 months ago

I feel like updated anti-virus software is important, but I'm not sure it would have stopped a remote attack that gained root access. Option C might not be the best choice here.

upvoted 0 times

...

Bernadine

7 months ago

I practiced a question similar to this, and I think host integrity monitoring could help detect intrusions early. But I'm not convinced it's a complete solution like option D.

upvoted 0 times

...

Claribel

8 months ago

I'm not entirely sure, but I think blocking unnecessary services with a firewall could reduce attack vectors. Maybe option A is relevant here?

upvoted 0 times

...

Felicidad

8 months ago

I remember discussing the importance of running services with the least privilege principle. It seems like option D could really help prevent root access.

upvoted 0 times

...

Markus

8 months ago

Configuring the DMZ firewall to block unnecessary services seems like the most straightforward solution here. I'll make sure to explain my reasoning clearly.

upvoted 0 times

...

Elfrieda

8 months ago

Okay, I've got a strategy for this. I think configuring the database to run with lower privileges is the key to preventing this level of access.

upvoted 0 times

...

Brett

8 months ago

Hmm, I'm a bit unsure about this. I'll need to review the material on network security and database configurations to make sure I understand the best approach.

upvoted 0 times

...

Candida

8 months ago

This is a tricky one. I'll need to think carefully about the different security measures that could have prevented the intruder from gaining root-level access.

upvoted 0 times

...

Jesus

8 months ago

I'm feeling pretty confident about this one. Installing host integrity monitoring software would have been a great way to detect and prevent the initial exploit.

upvoted 0 times

...

Jillian

8 months ago

The national radio campaign sounds like an expensive option that might not be the best fit for a small club. I'm leaning more towards the one-month free trial or the refer-a-friend scheme - those seem like good ways to get new members in the door.

upvoted 0 times

...

Corrie

1 year ago

Gotta love it when the 'experts' leave the database wide open for the bad guys. D all the way!

upvoted 0 times

Owen

11 months ago

C) Install updated anti-virus software

upvoted 0 times

...

Cortney

12 months ago

B) Install host integrity monitoring software

upvoted 0 times

...

Tarra

1 year ago

A) Configure the DMZ firewall to block unnecessary service

upvoted 0 times

...

Virgina

1 year ago

Hah, I bet the IT team is kicking themselves for not setting the database to run with lower privileges. Rookie mistake!

upvoted 0 times

Corrie

11 months ago

D) Configure the database to run with lower privileges

upvoted 0 times

...

Ria

12 months ago

B) Install host integrity monitoring software

upvoted 0 times

...

Xenia

12 months ago

A) Configure the DMZ firewall to block unnecessary service

upvoted 0 times

...

Berry

1 year ago

I'm going with D as well. Running the database with lower privileges is a critical security practice that could have stopped this attack in its tracks.

upvoted 0 times

Delisa

12 months ago

C) Install updated anti-virus software

upvoted 0 times

...

Erasmo

1 year ago

B) Install host integrity monitoring software

upvoted 0 times

...

Shala

1 year ago

A) Configure the DMZ firewall to block unnecessary service

upvoted 0 times

...

Dong

1 year ago

A) Configuring the DMZ firewall is a good idea, but it wouldn't have prevented the initial root-level access. We need to focus on the database itself.

upvoted 0 times

Jules

1 year ago

A) Configuring the DMZ firewall is a good idea, but it wouldn't have prevented the initial root-level access. We need to focus on the database itself.

upvoted 0 times

...

Toshia

1 year ago

D) Configuring the database to run with lower privileges would have limited the intruder's access and prevented root-level access.

upvoted 0 times

...

Mitsue

1 year ago

B) Installing host integrity monitoring software could have detected the unauthorized access and prevented further exploitation.

upvoted 0 times

...

Junita

1 year ago

But wouldn't installing host integrity monitoring software also help in detecting and preventing such attacks?

upvoted 0 times

...

Audria

1 year ago

I agree with Keshia, that would have prevented the intruder from gaining root-level access.

upvoted 0 times

...

Alex

1 year ago

D) Configure the database to run with lower privileges seems like the best option here. Limiting the access rights of the database can really help contain the damage from such an exploit.

upvoted 0 times