Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

GIAC Exam GCCC Topic 8 Question 66 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 66
Topic #: 8
[All GCCC Questions]

A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.

Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator's account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Gilberto at Jan 24, 2025, 01:02 PM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jamie
1 months ago
As someone who once accidentally deleted the entire company database, I can appreciate the importance of proper incident response. I'll say C) just to be safe.
upvoted 0 times
Vicki
7 days ago
I think controlled use of administrative privilege is also important to prevent unauthorized access. So, I would go with B).
upvoted 0 times
...
Blair
18 days ago
I agree, incident response and management is crucial in situations like this. C) is the right choice.
upvoted 0 times
...
...
Kandis
1 months ago
Haha, looks like they need to invest in some better password security! Salting those hashes would have been a good start. I'll go with B) to cover my bases.
upvoted 0 times
...
Karima
2 months ago
I'd go with D) Account Monitoring and Control. The fact that the attacker was able to use the admin account undetected suggests a lack of proper account monitoring and control measures.
upvoted 0 times
Angelo
6 days ago
Definitely, without proper account monitoring and control, attackers can easily exploit vulnerabilities in the system.
upvoted 0 times
...
Apolonia
16 days ago
It's important to have proper monitoring and control over accounts to prevent unauthorized access.
upvoted 0 times
...
Reita
1 months ago
I agree, D) Account Monitoring and Control seems to be the one that failed in this situation.
upvoted 0 times
...
...
Artie
2 months ago
The answer is clearly B) Controlled Use of Administrative Privilege. The attacker gained continued access through a compromised admin account, so the organization failed to properly manage and restrict administrative privileges.
upvoted 0 times
Merissa
17 days ago
D: Definitely a lesson in the importance of managing administrative access.
upvoted 0 times
...
Lemuel
19 days ago
C: So, the organization should have restricted admin privileges more effectively.
upvoted 0 times
...
Judy
1 months ago
B: Yeah, the compromised admin account gave the attacker continued access.
upvoted 0 times
...
Lashandra
2 months ago
A: I think the answer is B) Controlled Use of Administrative Privilege.
upvoted 0 times
...
...
Ty
2 months ago
I believe the answer is A) Maintenance, Monitoring, and Analysis of Audit Logs. If the logs were properly monitored, the suspicious activity could have been detected earlier.
upvoted 0 times
...
Ruthann
3 months ago
I agree with Filiberto. The compromised system administrator's account being used shows a lack of control over administrative privileges.
upvoted 0 times
...
Filiberto
3 months ago
I think the answer is B) Controlled Use of Administrative Privilege.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77