7/21/25, 8:42
PM
ANNEX D: SECURITY (HBSS + ACAS) EXAM QUESTIONS
AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED
LATEST UPDATE 2025/2026
Terms in this set (35)
A carefully crafted document that includes not
only DoD policies and security
Security Technical regulations, but also up-todate best practices
Information Guide and configuration guidelines. These
(STIG) guidelines are used for securing a specific
system or application in accordance with
DoD requirements.
A host based security system, which
Host-Based Security means it is located on the individual
Systems (HBSS) workstation or the host. Uses multiple
different modules to monitor, detect, and
counter against known cyber threats.
Assured Compliance Consists of a suite of products to include
Assessment Solution Red Hat Enterprise Linux, Security
(ACAS) Center, Nessus Scanner and the Nessus
Network Monitor (formerly the Passive
Vulnerability Scanner) which is
1/
6
, 7/21/25, 8:42
PM
provided by DISA to DoD Customers.
Why do we use HBSS US Cyber Command (USCYBERCOM)
mandates that HBSS be installed on
every DoD system.
HBSS Components ePolicy Orchestrator Server, the McAfee
Agent, the distributed repositories, and
the registered servers.
McAfee Agent Its job is to provide a secure
communication channel to the ePO and
manages all of the other modules that will
be installed on the client machine (VSE,
HIPS, etc.).
Agent to Server Determines how often the agent checks in with
Communication the ePO. Default is 60 minutes.
Interval (ASCI)
Encrypted communication using Secure
Agent to Server Sockets Layer (SSL) or Transport Layer
Communication (ASCI) Security (TLS). All encryption is 128-bit
strength and, except for Mac OS X, is
FIPS 140-2 compliant.
Wake-up calls When the ePO forces the managed
machine to initiate an ASCI outside of its
normal interval.
ACAS Repositories Proprietary data files, residing on the
security center, that store scan results.
2/
6
PM
ANNEX D: SECURITY (HBSS + ACAS) EXAM QUESTIONS
AND ANSWERS WITH COMPLETE SOLUTIONS VERIFIED
LATEST UPDATE 2025/2026
Terms in this set (35)
A carefully crafted document that includes not
only DoD policies and security
Security Technical regulations, but also up-todate best practices
Information Guide and configuration guidelines. These
(STIG) guidelines are used for securing a specific
system or application in accordance with
DoD requirements.
A host based security system, which
Host-Based Security means it is located on the individual
Systems (HBSS) workstation or the host. Uses multiple
different modules to monitor, detect, and
counter against known cyber threats.
Assured Compliance Consists of a suite of products to include
Assessment Solution Red Hat Enterprise Linux, Security
(ACAS) Center, Nessus Scanner and the Nessus
Network Monitor (formerly the Passive
Vulnerability Scanner) which is
1/
6
, 7/21/25, 8:42
PM
provided by DISA to DoD Customers.
Why do we use HBSS US Cyber Command (USCYBERCOM)
mandates that HBSS be installed on
every DoD system.
HBSS Components ePolicy Orchestrator Server, the McAfee
Agent, the distributed repositories, and
the registered servers.
McAfee Agent Its job is to provide a secure
communication channel to the ePO and
manages all of the other modules that will
be installed on the client machine (VSE,
HIPS, etc.).
Agent to Server Determines how often the agent checks in with
Communication the ePO. Default is 60 minutes.
Interval (ASCI)
Encrypted communication using Secure
Agent to Server Sockets Layer (SSL) or Transport Layer
Communication (ASCI) Security (TLS). All encryption is 128-bit
strength and, except for Mac OS X, is
FIPS 140-2 compliant.
Wake-up calls When the ePO forces the managed
machine to initiate an ASCI outside of its
normal interval.
ACAS Repositories Proprietary data files, residing on the
security center, that store scan results.
2/
6
