Annex E quiz and practice written test questions and answers 2023 with complete solution

Annex E quiz and practice written test questions and
answers 2023 with complete solution
STIGs are accompanied by two items used to check a system for compliance or
automatically generate reports based on guidelines. Select both items used
during this process.
Checklists; scripts
You are more likely to receive certification from _______________ if you have
configured your systems in accordance with the recommendations in a STIG.
DISA
a uniform way for different organizations to identify people through their digital
certificates containing public keys
PKI
As Data Systems Administrators, you will need to be informed on the types of
threats we will face and the tools we have to defend our systems from them. An
example of these cyber threats is:
Malware/spyware/adware/worm/trojan/social engineers/virus
PKI protects the confidentiality, integrity, authenticity, and non-repudiation of
data.

Having the evidence in the event of a dispute.
non-repudiation
PKI protects the confidentiality, integrity, authenticity, and non-repudiation of
data.

To be sure you know with whom you are communicating.
Authenticity
PKI protects the confidentiality, integrity, authenticity, and non-repudiation of
data.

The act of keeping secrets secret.
Confidentially
PKI protects the confidentiality, integrity, authenticity, and non-repudiation of
data.

To be sure nothing is modified behind your back
Integrity
What is the central console for ACAS?
Security Center
The STIG community includes representatives from:

(Type in any of the STIG Community Representatives listed in the Student
Handouts. You may type in full names or acronyms.)
DISA/NSA/OSD/Combatant Commands/Military Services/NIST

, T F: You create policies on how each product will behave through the ePO's
Group Policy Management Console.
FALSE; created on ePO's web interface
There are two ways to issue a wake-up call from an ePO server to a client. The
first is directly from the server, and other way is:
on a schedule
T F: HBSS is a DoD-Specific security system that's unique to the military and only
provided by the Defense Information Systems Agency (DISA).
FALSE; HBSS is COTS
The ______________________ determines how often the agent checks in with the
ePO server.
ASCI
In the DISA builds the ePO contains the _______________ that stores logs,
events, and policies.

It is also contains the _________________ which stores all products as well as
software that is deployable to the clients.
SQL database; master repository
When a client first initiates communication with the ePO server, the call to the
server is at a randomized interval within the first ______________ minutes of
startup.
10
T F: McAfee Agent provides full system protection even without an ePO server.
False; McAfee itself offers no protection
You can request a copy of an HBSS image from DISA who maintains the latest
image of HBSS. Under what resource can you find step-by-step instructions for
installing HBSS?
DoD patch repository
Identify the three sources used to obtain Audit Files for the Security Center.
Select each correct option from the list below.
Tenable network security templates (SC 5)
DISA STIG automated benchmarks (.zip)
SCAP compliant checklists from NIST (.xccdf).
When it comes to uploading audit files, they can be uploaded by anyone with the
right permissions.

Can upload Audit Files for Security Center-wide usage.
Administrators
When it comes to uploading audit files, they can be uploaded by anyone with the
right permissions.

Can upload Audit Files for use amongst a defined user group.
Unauthorized Organizational Users
The STIG configuration settings are converted to _________________ , imported
into _______________ , and used by _______________ to audit asset
configurations for ___________________.