ACAS Review Questions and Answers 2022 with
complete solution
Components of an Active Vulnerability Scan consist of: A policy, credentials,
scan zone, schedule, ________, and _________.
Repository and Target List
______ are administrative level usernames and passwords used in authenticated
scans?
Credentials
True/False: You can associate multiple credentials with a single scan
True
Networks using DHCP require what Active Scan setting be enabled to properly
track hosts
Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access
resources not available over the network
Credentialed
True/False: You may only select one import repository per scan
True
True/False: Once a scan is running, you cannot pause or stop it until it is
completed
False
Which Port Scanning Range option tells the scanner to scan only common ports?
Default
In a low-bandwidth environment, which options might you adjust to try to
improve scanning performance?
Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy?
Determines the impact of a scan related to scan times and network behavior
You can configures the targets for you Blackout Window to include...
All Systems, Assets, IPs, Mixed
Which Scan Policy types allows you to select Plugin Families you want?
Custom Advanced Scan
What is an organization?
A group of individuals who are responsible for a set of common assets
What is a scan zone?
A defined static range of IP addresses with an associated Nessus scanner
What is the maximum size of a SecurityCenter 5 Repository?
32GB
True/False: The IP addresses you are scanning must be contained in both the
definition of the scan zone and the definition of the repository
True
What SecurityCenter Role is responsible for setting scan zones?
Admin
How can you get your SecurityCenter Plugin updates?
, Automatically from DISA's plugin server or Manually from the DoD Patch Repository
True/False: The SecurityCenter Plugins menu displays a list of script files used
by Nessus and PVS scanners to collect and interpret vulnerability, compliance,
and configuration data.
True
Which options can you consider for scanning stand-alone networks.
Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual
machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its
SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload
scan results
Which page loads by default when you log in to SecurityCenter?
Dashboard
Which of the pages show the date and time of the most recent plugin updates?
Feeds or Plugins
Which page allows you to set your local time zone
Profile
True/False: Asset lists are dynamically or statically generated lists of hosts
True
Which type of asset list updates automatically when a scan runs and a repository
is updated?
Dynamic
What is a static asset list?
A list of IP addresses that require user intervention in order to change what defines
them
What two ways can you use to add a dynamic asset list?
Use a template or create a set of rules
When you create a dynamic asset list, what occurs?
SecurityCenter queries the repository to find assets that match the dynamic asset list's
rules
True/False: Users in different groups using the same shared asset list could see
different IP addresses in the list
True
What two areas in Security Center allow you to analyze scan results?
The Scan Results page and The Vulnerabilities page
True/False: SecurityCenter displays vulnerability data at varying levels and views
ranging from the highest level summary down to a detailed vulnerability list.
True
What vulnerabilities are stored in SecurityCenter's Cumulative database
Current vulnerabilities, including those that have been recast, accepted, or mitigated
and found vulnerable on rescan.
Which analysis tool provides a list of vulnerabilities that relate to DoD Information
Assurance Vulnerability Alerts and Bulletins?
IAVM Summary
Vulnerability filters are available to search on what categories
Vulnerability Information, Targets, ID Numbers, and Dates
complete solution
Components of an Active Vulnerability Scan consist of: A policy, credentials,
scan zone, schedule, ________, and _________.
Repository and Target List
______ are administrative level usernames and passwords used in authenticated
scans?
Credentials
True/False: You can associate multiple credentials with a single scan
True
Networks using DHCP require what Active Scan setting be enabled to properly
track hosts
Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access
resources not available over the network
Credentialed
True/False: You may only select one import repository per scan
True
True/False: Once a scan is running, you cannot pause or stop it until it is
completed
False
Which Port Scanning Range option tells the scanner to scan only common ports?
Default
In a low-bandwidth environment, which options might you adjust to try to
improve scanning performance?
Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy?
Determines the impact of a scan related to scan times and network behavior
You can configures the targets for you Blackout Window to include...
All Systems, Assets, IPs, Mixed
Which Scan Policy types allows you to select Plugin Families you want?
Custom Advanced Scan
What is an organization?
A group of individuals who are responsible for a set of common assets
What is a scan zone?
A defined static range of IP addresses with an associated Nessus scanner
What is the maximum size of a SecurityCenter 5 Repository?
32GB
True/False: The IP addresses you are scanning must be contained in both the
definition of the scan zone and the definition of the repository
True
What SecurityCenter Role is responsible for setting scan zones?
Admin
How can you get your SecurityCenter Plugin updates?
, Automatically from DISA's plugin server or Manually from the DoD Patch Repository
True/False: The SecurityCenter Plugins menu displays a list of script files used
by Nessus and PVS scanners to collect and interpret vulnerability, compliance,
and configuration data.
True
Which options can you consider for scanning stand-alone networks.
Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual
machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its
SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload
scan results
Which page loads by default when you log in to SecurityCenter?
Dashboard
Which of the pages show the date and time of the most recent plugin updates?
Feeds or Plugins
Which page allows you to set your local time zone
Profile
True/False: Asset lists are dynamically or statically generated lists of hosts
True
Which type of asset list updates automatically when a scan runs and a repository
is updated?
Dynamic
What is a static asset list?
A list of IP addresses that require user intervention in order to change what defines
them
What two ways can you use to add a dynamic asset list?
Use a template or create a set of rules
When you create a dynamic asset list, what occurs?
SecurityCenter queries the repository to find assets that match the dynamic asset list's
rules
True/False: Users in different groups using the same shared asset list could see
different IP addresses in the list
True
What two areas in Security Center allow you to analyze scan results?
The Scan Results page and The Vulnerabilities page
True/False: SecurityCenter displays vulnerability data at varying levels and views
ranging from the highest level summary down to a detailed vulnerability list.
True
What vulnerabilities are stored in SecurityCenter's Cumulative database
Current vulnerabilities, including those that have been recast, accepted, or mitigated
and found vulnerable on rescan.
Which analysis tool provides a list of vulnerabilities that relate to DoD Information
Assurance Vulnerability Alerts and Bulletins?
IAVM Summary
Vulnerability filters are available to search on what categories
Vulnerability Information, Targets, ID Numbers, and Dates
