ACAS - 5.3 Course Questions and Correct Answers, Latest Update

What is ACAS? - ACAS is a network-based security compliance and assessment capability designed to provide awareness of the security posture and network health of DoD networks. Which of the following best describes the SecurityCenter? - The central console that provides continuous asset-based security and compliance monitoring A vulnerability is a weakness or an attack that can compromise your system. - False (a vulnerability does not include an attack) The Nessus scanner monitors data at rest, while the PVS monitors data in motion. - True PVS detects vulnerabilities based on network traffic instead of actively scanning hosts. - True Which ACAS component performs active vulnerability and compliance scanning? - Nessus CMRS is a tool to provide DoD component- and enterprise-level situational awareness by quantitatively displaying an organization's security posture. - True Select the Task Order for the Implementation of Assured Compliance Assessment Solution (ACAS) for the Enterprise: - 13-670 Which page loads by default when you log in to SecurityCenter? Select the best answer. - Dashboard Which of the following pages show the date and time of the most recent plugin updates? - Plugins, Feeds Which page allows you to set your local time zone? - Profile What is an organization? - A group of individuals who are responsible for a set of common assets What is a scan zone? - A defined static range of IP addresses with an associated Nessus scanner(s) What is the maximum size of a SecurityCenter 5 Repository? - 32 GB The IP address(es) you are scanning must be contained in both the definition of the scan zone and the definition of the repository. - True What SecurityCenter role is responsible for setting up scan zones? - Administrator How can you get your SecurityCenter plugin updates? - Automatically, from DISA's plugin server, Manually from the DoD Patch Repository The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. - True Which of the following are options you can consider for scanning stand-alone networks? - Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart, Install both Nessus and SecurityCenter in virtual machines on a Windows 7 laptop, Detach a Nessus scanner from its SecurityCenter for scanning purposes and then reattach to SecurityCenter to upload scan results Components of an Active Vulnerability Scan consist of: a policy, credentials, scan zone, schedule, _________, and __________. - Repository, Target list _________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated scans? - Credentials You can associate multiple credentials with a single scan. - True Networks using Dynamic Host Configuration Protocol (DHCP) require that this Active Scan setting be enabled to properly track hosts. - Track hosts which have been issued IP addresses Which type of scan obtains information by authenticating to the host to access resources not available over the network. - Credentialed You may only select one import repository per scan. - True Once a scan is running, you cannot pause or stop the scan until it has completed running. - False Which Port Scanning Range option tells the scanner to scan only common ports? - default (of 4605 common ports) In a low-bandwidth environment, which of the following options might you adjust to try to improve scanning performance? - Max Simultaneous Checks Per Host, Max Simultaneous Hosts Per Scan