New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCCC Exam - Topic 7 Question 9 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 9
Topic #: 7
[All GCCC Questions]

An organization has created a policy that allows software from an approved list of applications to be installed on workstations. Programs not on the list should not be installed. How can the organization best monitor compliance with the policy?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Ammie at May 03, 2022, 07:00 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rosann
4 months ago
IDS signatures for unknown User-Agent strings sounds a bit overkill, right?
upvoted 0 times
...
Ronny
4 months ago
Wait, can you really detect all unauthorized installs just by snapshots?
upvoted 0 times
...
Tamala
4 months ago
Auditing Active Directory won't really help with software compliance.
upvoted 0 times
...
Reyes
4 months ago
I think comparing system snapshots is the best way to monitor changes.
upvoted 0 times
...
Alethea
5 months ago
Regular port scans can help catch unauthorized software.
upvoted 0 times
...
Zena
5 months ago
I’m a bit confused about the IDS option. Would creating a signature for unknown User-Agent strings really help with monitoring installed applications?
upvoted 0 times
...
Tabetha
5 months ago
I feel like I’ve seen a question similar to this before, and I think monitoring changes directly is key, so D could be the best choice.
upvoted 0 times
...
Arminda
5 months ago
I'm not entirely sure, but I remember something about port scans being more about network traffic than installed software, so A might not be right.
upvoted 0 times
...
Laurel
5 months ago
I think option D makes the most sense since comparing system snapshots can directly show if unauthorized software has been installed.
upvoted 0 times
...
Noel
5 months ago
Hmm, I'm a bit unsure on this one. I'll need to re-read the question and the answer choices carefully to make sure I understand the "data minimization" principle correctly.
upvoted 0 times
...
Maynard
5 months ago
Hmm, I'm a bit confused here. The question mentions a CIFS share, so I'm not sure if Kerberos would be the right thing to look at. Maybe I should focus more on the data LIF and the node it's on.
upvoted 0 times
...
Tracie
5 months ago
Okay, I think I've got this. I'll use the `trivy image` command to scan the two images, filter for high and critical severities, and redirect the output to the specified file. Should be a pretty straightforward task.
upvoted 0 times
...

Save Cancel