GIAC GCCC Exam Topics
GIAC GCCC Exam Overview :
| Exam Name: | GIAC Critical Controls Certification |
| Exam Code: | GCCC |
| Certifications: | GIAC Critical Controls, GIAC Cyber Security Certifications |
| Actual Exam Duration: | 120 minutes |
| Expected no. of Questions in Actual Exam: | 75 |
| See Expected Questions: | GIAC GCCC Expected Questions in Actual Exam |
GIAC GCCC Exam Objectives :
| Section | Objectives |
|---|---|
| Account Monitoring and Control | The candidate will be familiar with processes and tools used to track/control/prevent/correct use of system and application accounts. |
| Application Software Security | The candidate will be familiar with the processes and tools organizations use to detect/prevent/correct security weaknesses in the development and acquisition of software applications. |
| Background, History, Purpose & Implementation of the 20 CC | The candidate will be familiar with the background, history, and purpose of the CIS Controls. The GIAC Critical Controls Certification exam is aligned with the current release, CIS Controls V7.1. |
| Boundary Defense | The candidate will be familiar with the processes and tools used to detect/prevent/correct the flow of information transferring networks of different trust levels. |
| Continuous Vulnerability Management | The candidate will be familiar with the processes and tools used to detect/prevent/correct security vulnerabilities in the configurations of devices that are listed and approved in the asset inventory database. |
| Controlled Access Based on the Need to Know | The candidate will be familiar with the processes and tools used to track/control/prevent/correct secure access to information according to the formal determination of persons, computers, and applications have a need and right to access information based on an approved classification. |
| Controlled Use of Administrative Privileges | The candidate will be familiar with processes and tools used to track/control/prevent/correct use, assignment and configuration of administrative privileges on computers, networks, and applications. |
| Data Protection | The candidate will be familiar with the processes and tools used to track/control/prevent/correct data transmission and storage, based on the data's content and classification. |
| Data Recovery Capability | The candidate will be familiar with processes and tools used to properly backup critical information with a proven methodology for timely recovery of the critical information. |
| Email & Web Browser Protections | The candidate will be familiar with the processes and tools used to defend email and web based internet traffic from abuse through the use of filters and hardened clients. |
| Implement a Security Awareness and Training Program | The candidate will be familiar with processes and tools to make sure an organization understands the technical skill gaps with their workforce and develop a plan to fill the gaps. |
| Incident Response and Management | The candidate will be familiar with process and tools to make sure an organization has a properly tested plan with trained resources for dealing with adverse events. |
| Inventory and Control of Hardware Assets | The candidate will be familiar with the processes and tools used to track/control/prevent/correct network access by devices based on an asset inventory of which devices are allowed to connect to the network. |
| Inventory and Control of Software Assets | The candidate will be familiar with the processes and tools organizations use to track/control/prevent/correct installation and execution of software on computers based on an asset inventory of approved software. |
| Limitation and Control of Network Ports | The candidate will be familiar with processes and tools used to track/control/prevent/correct use of ports, protocols, and services on networked devices. |
| Maintenance, Monitoring, and Analysis of Audit Logs | The candidate will be familiar with the processes and tools used to detect/prevent/correct use of systems and information based on audit logs of events that are consider significant or could impact the security of an organization. |
| Malware Defenses | The candidate will be familiar with the processes and tools used to detect/prevent/correct installation and execution of malicious software on all devices. |
| Penetration Tests and Red Team Exercises | The candidate will be familiar with process and tools used to simulate attacks against a network to validate the overall security of an organization. |
| Secure Configurations for Hardware and Software | The candidate will be familiar with the processes and tools organizations use to track/control/prevent/correct security weaknesses in the configurations of the hardware and software of devices based on a formal configuration management and change control process. |
| Secure Configurations for Network Devices | The candidate will be familiar with processes and tools used to track/control/prevent/correct security weaknesses in the configurations in network devices based on formal configuration management and change controls processes. |
| Official Information | https://www.giac.org/certification/critical-controls-certification-gccc |
Updates in the GIAC GCCC Exam Topics:
GIAC GCCC exam questions and practice test are the best ways to get fully prepared. Study4exam's trusted preparation material consists of both practice questions and practice test. To pass the actual GIAC Critical Controls GCCC exam on the first attempt, you need to put in hard work on these questions as they cover all updated GIAC GCCC exam topics included in the official syllabus. Besides studying actual questions, you should take the GIAC GCCC practice test for self-assessment and actual exam simulation. Revise actual exam questions and remove your mistakes with the GIAC Critical Controls Certification GCCC exam practice test. Online and Windows-based formats of the GCCC exam practice test are available for self-assessment.
Our Features
- 50000+ Customers feedbacks involved in Products
- Customize your exam based on your objectives
- User-Friendly interface
- Exam History and Progress reports
- Self-Assessment Features
- Various Learning Modes