Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 3 Question 23 Discussion

Actual exam question for GIAC's GCED exam
Question #: 23
Topic #: 3
[All GCED Questions]

An outside vulnerability assessment reveals that users have been routinely accessing Gmail from work for over a year, a clear violation of this organization's security policy. The users report ''it just started working one day''. Later, a network administrator admits he meant to unblock Gmail for just his own IP address, but he made a mistake in the firewall rule.

Which security control failed?

Show Suggested Answer Hide Answer
Suggested Answer: C

Audits are used to identify irregular activity in logged (after-the-fact) records. If this activity went unnoticed or uncorrected for over a year, the internal audits failed because they were either incomplete or inaccurate.

Authentication, access control and managing user rights would not apply as a network admin could be expected to have the ability to configure firewall rules.


by Lindsey at May 08, 2022, 08:42 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Carisa
7 months ago
I’m not so sure, could it be an issue with rights management too?
upvoted 0 times
...
Tyra
7 months ago
Sounds like a classic case of misconfiguration.
upvoted 0 times
...
Bette
7 months ago
Wait, how did no one notice this for a year?
upvoted 0 times
...
Janet
8 months ago
I agree, that firewall mistake is a big deal!
upvoted 0 times
...
Ashleigh
8 months ago
Definitely access control failed here.
upvoted 0 times
...
Marti
8 months ago
I’m leaning towards access control as well, but I wonder if the authentication process played a role in allowing users to access Gmail without proper checks.
upvoted 0 times
...
Brice
8 months ago
I remember a practice question about misconfigured permissions, and it seems like rights management could be involved too, but access control feels more direct.
upvoted 0 times
...
Edna
8 months ago
I'm not entirely sure, but I feel like auditing could also be relevant here. If they had better logs, they might have caught this sooner.
upvoted 0 times
...
Misty
8 months ago
I think this is definitely an access control issue since the firewall rule was misconfigured.
upvoted 0 times
...
Shonda
8 months ago
The Cap: annotations are new to me. I'll need to research that a bit more to understand if it's truly a requirement or just an optional optimization.
upvoted 0 times
...
Samuel
8 months ago
I think the access switch might be the one in a degraded state, but I'm not 100% confident on that. I'll need to review my notes on the different network device types and their potential issues.
upvoted 0 times
...
Malcom
8 months ago
Okay, I think I remember learning about this in class. Let me double-check my notes... Ah yes, the default fdb size is 100, so I'll select option A.
upvoted 0 times
...

Save Cancel