Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

GSLC by GIAC - Page 1 | ExamCademy

Mode Selection

Sort:

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 5 • Questions 1-25 of 105

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

What is a reason an organization would choose output-driven over input-driven SIEM collection?

A Search performance
B Real-time alerting
C Attack detection
D Historical analytics

An employee notices a suspicious person in the data center and immediately escalates their concern to a manager.
At which maturity model stage is their company’s security awareness program likely functioning?

A Enforcing Least Privilege
B Promoting Awareness and Change
C Segmentation and Compartmentalization
D Compliance Focused

A CISO reporting to the CEO gains which of the following benefits?

A A strategic understanding of risks and threats
B Ease of communicating security requirements
C Support for improving product security
D A primary focus on compliance and regulatory mandates

Which of the following is a typical responsibility for a Tier 1 SOC analyst?

A Forensics and malware analysis
B Monitoring and triaging alerts
C Sensor tuning and maintenance
D Incident coordination and response

Using a number line evaluation, which value would indicate that an employee is being undercompensated for their current level of contribution to the team?

A 0
B -2
C 2
D A range of -1 to +1

During which SDLC phase should a DAST tool be deployed to spider the application?

A Development
B Production
C Testing
D Design

Notifying system owners, forcing password updates for affected user accounts, and increased monitoring to detect related malicious activity, occur as part of which process?

A Recovery from an incident
B Eradication of an incident
C Preparing for an incident
D Identification of an incident

Which member of a security awareness advisory board provides support for both scoping the target and enforcing program mandates?

A Help Desk
B Security Operations
C Marketing and Communications
D Human Resources

A job candidate agrees to accept a position with a lower salary than requested when the company increases the vacation time and training allowance in the job offer.
What type of negotiating strategy does this describe?

A Integrative bargaining
B Bottom line value
C Distributive bargaining
D Zero sum value

How should Learning Objectives be developed in regard to an organization’s managed risks?

A A single learning objective document should be developed to address company goals for all managed risks
B A learning objective document should be developed for each department listing their managed risks
C An individual learning objective document should be developed for each managed risk
D A learning objective document should be developed for each threat agent that poses a risk

Executives and business unit managers have been asked to review the organization's disaster recovery plan and provide feedback on whether the plans are accurate and complete for their departments.
What type of test is being conducted?

A Functional
B Checklist
C Walkthrough
D Tabletop

Which SIEM function is primarily used for redundancy to prevent data loss when more events are received than the processor can handle?

A Log aggregator
B Log archiving
C Log agent
D Log broker

Which of the following standards defines the iterative risk management process shown below?

Question Image

A NIST CSF
B NIST 800-37
C ISO 27005
D FAIR

What type of security metrics are used to illustrate results at the executive level shown below?

Question Image

A Key performance indicators
B CVSS scores
C Learning objectives
D Critical path activities

What process is demonstrated in the diagram shown below?

Question Image

A Continuous Delivery
B Continuous Integration
C Continuous Improvement
D Continuous Deployment

Based on the selection criterion and the vendor table shown below, what is the prioritized score for Features?

Question Image

A 0.6
B 1.4
C 2.8
D 5.0

What can be determined from the NIST SP800-53 related screenshot below?

Question Image

A Previous Logon (Access) Notification is required in all baselines
B Account Management must be implemented before Unsuccessful Logon Attempts
C Session Lock has the most control enhancements
D Account Management must be implemented before Separation of Duties

The model for the Three Lines of Defense in Effective Risk Management and Control prescribes which of the following?

A Risk Owners in the second line of defense should not delegate the day-to-day management of security controls
B Security teams should have complete responsibility for implementing security controls that catch unexpected events
C Internal auditors have a high level of independence that is not available in the second line of defense
D Risk Control and Compliance personnel can offer completely independent analysis to governing bodies in the final line of defense

At which stage of the Security Awareness Maturity Model is annual training first implemented?

A Long-term sustainment and cultural change
B Metrics framework
C Compliance-focused
D Promoting awareness and behavioral change

Which of the following is an example of a compliance metric for a security awareness program?

A Was there a decrease in the severity of incidents after the awareness program was initiated?
B How many employees reported suspicious emails after awareness training compared to before training?
C Which regulatory requirements will be addressed by deploying an organization wide awareness program?
D What percentage of employees assigned to an awareness training module have completed the training?

What type of network attack uses switch spoofing?

A VLAN hopping
B DHCP snooping
C Ping flooding
D Double tagging

GSLCPreview

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

That's the end of the Preview