GIAC Exam GCCC Topic 8 Question 66 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 66
Topic #: 8

A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.

Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator's account was being used to give the attacker continued access to the network. Which CIS Control failed in the continued access to the network?

Suggested Answer: C

Contribute your Thoughts:

Artie
5 days ago
The answer is clearly B) Controlled Use of Administrative Privilege. The attacker gained continued access through a compromised admin account, so the organization failed to properly manage and restrict administrative privileges.
upvoted 0 times
Ty
19 days ago
I believe the answer is A) Maintenance, Monitoring, and Analysis of Audit Logs. If the logs were properly monitored, the suspicious activity could have been detected earlier.
upvoted 0 times
Ruthann
23 days ago
I agree with Filiberto. The compromised system administrator's account being used shows a lack of control over administrative privileges.
upvoted 0 times
Filiberto
25 days ago
I think the answer is B) Controlled Use of Administrative Privilege.
upvoted 0 times