The central console that provides continuous asset-based security and compliance monitor-
ing is ____________. - ANSWER Tenable.sc
The tool that probes hosts and does active vulnerability and compliance scanning is
______________________ - ANSWER Nessus Active Vulnerability Scanner
The tool that can manage scan data, run scans and pull in data from various Nessus Agent is
the ________________. - ANSWER Nessus Manager
The Passive Scanner that detects vulnerabilities by sniffing network traffic is the
__________________________________________. - ANSWER Nessus Network Monitor
What is ACAS? - ANSWER ACAS is a network-based security compliance and assessment
capability designed to provide awareness of the security posture and network health of
DoD networks
What is the task order for the implementation of enterprise use of ACAS? - ANSWER 20-
0020
T/F
A vulnerability is a weakness of attack that can compromise your system - ANSWER FALSE
A vulnerability is not an attack, it is a weakness
T/F
1
,The Nessus scanner monitors data at rest, while the NNM monitors data in motion - AN-
SWER TRUE
A lightweight program installed on the host that gives you visibility into other IT assets that
connect intermittently to the internet - ANSWER A Nessus Agent
Which page loads by default when you log into Tenable.sc? - ANSWER Dashboard
Which of the following pages displays the update schedule for updating the active and pas-
sive plugins on security manager's interface? - ANSWER Feeds
Which page allows you to set your local time zone? - ANSWER Profile
What can you do on the plugins page of Tenable.sc? - ANSWER Search for specific
plugins, view plugin details and source and upload custom plugins
A group of users responsible for a specific number of assets is an _______________. - AN-
SWER Organization
A defined static range of IP addresses with an associated Nessus scanner is called a
_____________________. - ANSWER Scan Zone
A set of proprietary data files that stores scan results and resides on the Tenable.sc is known
as a _____________________. - ANSWER Repository
A script file used to collect and interpret vulnerability, compliance and configuration is a
____________. - ANSWER Plugin
What is the maximum size of a Tenable.sc repository? - ANSWER 32 GB
2
, T/F
The IP address you are scanning must be contained in both the definition of the scan zone
and the definition of the repository - ANSWER True
What Tenable.sc role is responsible for setting up scan zones? - ANSWER Administrator
Per the ACAS contract, how can you get your Tenable.sc plugin updates? - ANSWER Auto-
matically from DISA's plugin server or manually form the DoD patch repository
According to the ACAS contract, what are the three allowable options for scanning stand
alone networks? - ANSWER 1) Install both Nessus and Tenable on a Lunix system using
the ACAS kickstart
2) Configure a windows OS with VM software, installing both Tenable and Nessus on the vir-
tual machines
3) Detach the Nessus system from Tenable and place it in the isolated enclave for scanning.
Once Scanning is complete, reattach Nessus to the tenable and manually upload scan results
Components of an actve vulnerability scan consist of: a scan policy, schedule, credentials,
scan zone, import repo and ________________. - ANSWER Targets
____________ are administrative-level usernames and passwords (or SSH keypairs) used in
authenticated scans? - ANSWER Credentials
Networks using dynamic host configuration protocol (SHCP) require that this active scan set-
ting be enabled to properly track hosts. - ANSWER Track hosts which have been issued
new IP addresses
3
ing is ____________. - ANSWER Tenable.sc
The tool that probes hosts and does active vulnerability and compliance scanning is
______________________ - ANSWER Nessus Active Vulnerability Scanner
The tool that can manage scan data, run scans and pull in data from various Nessus Agent is
the ________________. - ANSWER Nessus Manager
The Passive Scanner that detects vulnerabilities by sniffing network traffic is the
__________________________________________. - ANSWER Nessus Network Monitor
What is ACAS? - ANSWER ACAS is a network-based security compliance and assessment
capability designed to provide awareness of the security posture and network health of
DoD networks
What is the task order for the implementation of enterprise use of ACAS? - ANSWER 20-
0020
T/F
A vulnerability is a weakness of attack that can compromise your system - ANSWER FALSE
A vulnerability is not an attack, it is a weakness
T/F
1
,The Nessus scanner monitors data at rest, while the NNM monitors data in motion - AN-
SWER TRUE
A lightweight program installed on the host that gives you visibility into other IT assets that
connect intermittently to the internet - ANSWER A Nessus Agent
Which page loads by default when you log into Tenable.sc? - ANSWER Dashboard
Which of the following pages displays the update schedule for updating the active and pas-
sive plugins on security manager's interface? - ANSWER Feeds
Which page allows you to set your local time zone? - ANSWER Profile
What can you do on the plugins page of Tenable.sc? - ANSWER Search for specific
plugins, view plugin details and source and upload custom plugins
A group of users responsible for a specific number of assets is an _______________. - AN-
SWER Organization
A defined static range of IP addresses with an associated Nessus scanner is called a
_____________________. - ANSWER Scan Zone
A set of proprietary data files that stores scan results and resides on the Tenable.sc is known
as a _____________________. - ANSWER Repository
A script file used to collect and interpret vulnerability, compliance and configuration is a
____________. - ANSWER Plugin
What is the maximum size of a Tenable.sc repository? - ANSWER 32 GB
2
, T/F
The IP address you are scanning must be contained in both the definition of the scan zone
and the definition of the repository - ANSWER True
What Tenable.sc role is responsible for setting up scan zones? - ANSWER Administrator
Per the ACAS contract, how can you get your Tenable.sc plugin updates? - ANSWER Auto-
matically from DISA's plugin server or manually form the DoD patch repository
According to the ACAS contract, what are the three allowable options for scanning stand
alone networks? - ANSWER 1) Install both Nessus and Tenable on a Lunix system using
the ACAS kickstart
2) Configure a windows OS with VM software, installing both Tenable and Nessus on the vir-
tual machines
3) Detach the Nessus system from Tenable and place it in the isolated enclave for scanning.
Once Scanning is complete, reattach Nessus to the tenable and manually upload scan results
Components of an actve vulnerability scan consist of: a scan policy, schedule, credentials,
scan zone, import repo and ________________. - ANSWER Targets
____________ are administrative-level usernames and passwords (or SSH keypairs) used in
authenticated scans? - ANSWER Credentials
Networks using dynamic host configuration protocol (SHCP) require that this active scan set-
ting be enabled to properly track hosts. - ANSWER Track hosts which have been issued
new IP addresses
3
