ACAS - 5.3 Course
Select the Task Order for the Implementation of Assured Compliance Assessment Solution (ACAS) for the Enterprise:
13-670
What is the maximum size of a SecurityCenter 5 Repository?
32 GB
What is a scan zone?
A defined static range of IP addresses with an associated Nessus scanner(s)
What is an organization?
A group of individuals who are responsible for a set of common assets
What is a static asset list?
A list of IP addresses that require user intervention in order to change what defines them
Which IP address(es) are acceptable when creating a repository in SecurityCenter?
A single IP address, A range of IP addresses, An address CIDR block, A comma-delimited combination
What is ACAS?
ACAS is a network-based security compliance and assessment capability designed to provide awareness of the security posture and network health of DoD networks.
Which of the following allows you to set an expiration date?
Accept Risk
What alert function defines what an alert does after it has been triggered?
Add Actions
The Dashboard Options button displays which of the following selections?
Add Dashboard, Manage Dashboards, Edit Dashboard, Share Dashboard
What SecurityCenter role is responsible for setting up scan zones?
Administrator
Which SecurityCenter user role creates Scan Zones?
Administrator
Which SecurityCenter user role creates organizations?
Administrator
Which of the following are available through SecurityCenter's Workflow functionality?
Alerts and tickets
You can configure the targets for your Blackout Window to include which of the following?
All Systems, Assets, IPs, Mixed
Users__________.
Are individual SecurityCenter accounts.
You are adding a new user. Which of the following access settings apply to that user definition?
Asset Responsibility, Role, Group, Manage Objects
When you create a group, select all of the objects that you could share to the group.
Assets, Assurance Report Cards, Credentials
What new functionality was added in SecurityCenter 5 under the Dashboard menu?
Assurance Report Cards
Which of the following SecurityCenter resources define specific configurations for compliance scanning?
Audit files
What are the options in the Scanning Distribution Method field on the Organization Setup page?
Automatic Distribution Only, Locked Zone, Selectable Zones
How can you get your SecurityCenter plugin updates?
Automatically, from DISA's plugin server, Manually from the DoD Patch Repository
Groups__________.
Combine access rights to objects within an organization for quick assignment to one or more users.
Which of the following types of information can you display on your Dashboard in SecurityCenter?
Compliance data, Vulnerability data, Trends, Organizational structure
In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit?
Compliance plugins, Audit file, system or database credentials
Which of the following is NOT a potential action when defining an alert?
Create Scan Policies
When creating a custom role, what are the Scanning Permissions that you can assign?
Create scans, Create plugin scans
Which type of scan obtains information by authenticating to the host to access resources not available over the network.
Credentialed
_________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated scans?
Credentials
What vulnerabilities are stored in SecurityCenter's Cumulative database?
Current vulnerabilities, including those that have been recast, accepted, or mitigated and found vulnerable on rescan
Which of the following Scan Policy types allows you to select Plugin Families you want?
Custom Advanced Scan
Which page loads by default when you log in to SecurityCenter? Select the best answer.
Dashboard
Roles __________.
Define what a user can do (such as having full, limited, or no scanning permissions).
Which report tab allows you to customize your report elements?
Definition
What is the function of Performance Options in the Scan Policy?
Determines the impact of a scan related to scan times and network behavior
Which type of asset list updates automatically when a scan runs and a repository is updated?
Dynamic
All of the following are benefits of PVS, except _____.
Eliminating the need for active scans
Which of the following Distribution options allows you to send report results to a user in a different organization?
Email Addresses
A Passive Vulnerability Scanner is simply a Network Intrusion Detection System (NIDS)?
False
Any user can create a new repository.
False
Each SecurityCenter will contain only one Administrator, one Organization, and one Security Manager.
False
Once a scan is running, you cannot pause or stop the scan until it has completed running.
False
Security Managers have the ability to assign roles and responsibilities for assets for all organizations within the SecurityCenter.
False
SecurityCenter supports an unlimited number of objects: Users, Scan Zones, Repositories, Organizations, and Asset Lists.
False
You can change the report type of an existing custom report.
False
You can combine IPv4 and IPv6 data in the same repository
False
You can only add Dashboard components for the existing queries you have set up in the Analysis menu.
False
A vulnerability is a weakness or an attack that can compromise your system.
False (a vulnerability does not include an attack)
You've just added a new dashboard using a template, which option allows you to specify the Asset, IP Address, and Repository?
Focus
You've just added a new report using a template, which option allows you to specify an Asset (List), IP Address, and/or Repository?
Focus
Which of the following groups is defined for each organization by default?
Full Access
Which of the following is not a valid SecurityCenter report type?
HTML
Which vulnerability severity level indicates a failed compliance item?
High
Which analysis tool provides a list of vulnerabilities that relate to DoD Information Assurance Vulnerability Alerts and Bulletins?
IAVM Summary
A repository is defined by _________.
IP address range, MDM data type
Local repositories can contain which of the following types of data?
IP v4, IP v6, Mobile
Systems and devices are compliant when they are _________.
In accordance with established guidelines, specifications or legislation
Where do you grant the ability to manage other users and their objects?
In the Users > User Definition
Which of the following roles is NOT a predefined SecurityCenter role?
Information Assurance Manager
Which of the following are options you can consider for scanning stand-alone networks?
Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart, Install both Nessus and SecurityCenter in virtual machines on a Windows 7 laptop, Detach a Nessus scanner from its SecurityCenter for scanning purposes and then reattach to SecurityCenter to upload scan results
When SecurityCenter initiates a scan of a given IP address, ___________.
It determines what zone the IP address is in and notifies the appropriate scanner.
Clicking the Pushpin icon next to a dashboard name on the Manage Dashboards page will do which of the following?
Make the dashboard active/inactive
In a low-bandwidth environment, which of the following options might you adjust to try to improve scanning performance?
Max Simultaneous Checks Per Host, Max Simultaneous Hosts Per Scan
You're adding a Scan Zone in order to scan a new block of IP addresses. What are the fields on the Add Scan Zone page?
Name, Ranges, Scanners
Which ACAS component performs active vulnerability and compliance scanning?
Nessus
Vulnerability results can be exported to a comma-separated file by clicking on _______?
Options > Export as CSV
Which of the following statements is true?
PVS is capable of highlighting all interactive and encrypted network sessions.
PVS monitors data at the _____ layer?
Packet
Which of the following vulnerability filter settings results in viewing only vulnerabilities detected by PVS.
Plugin Type = Passive
Which of the following pages show the date and time of the most recent plugin updates?
Plugins, Feeds
The trigger options for setting a SecurityCenter alert are IP count, Vulnerability/Event count, and _____ count.
Port
Which page allows you to set your local time zone?
Profile
Which of the following SecurityCenter resources allows you to combine filters to provide customized, saved views of vulnerability scan data?
Queries
What is the purpose of a remote repository?
Replicating another SecurityCenter's repository data
Components of an Active Vulnerability Scan consist of: a policy, credentials, scan zone, schedule, _________, and __________.
Repository, Target list
You can use multiple repositories to:
Restrict access to data based on organizational needs, Improve reporting time with smaller data sets, Separate compliance and vulnerability data, Resolve technical issues for non-standard network configurations
Which statement about Nessus scanners is correct? Select all that apply.
Scan Zones are static ranges of IP addresses that can be scanned by one or more Nessus scanners., The same Nessus scanner should not be in multiple Scan Zones.
Repositories are proprietary data files residing on the SecurityCenter that store _______?
Scan data
Which SecurityCenter menu option do you use to upload audit files?
Scans
Which SecurityCenter user role resides at the top of an organization hierarchy?
Security Manager
When you create dynamic asset list(s), which of the following occurs?
SecurityCenter queries the repository(ies) to find assets that match the dynamic asset list's rules.
Acceptable audit files for SecurityCenter include which of the following?
Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (ingested in .zip format), SCAP compliant checklists from NIST (.xccdf)
What two areas in SecurityCenter allow you to analyze scan results?
The Scan Results page, The Vulnerabilities page
Which of the following best describes the SecurityCenter?
The central console that provides continuous asset-based security and compliance monitoring
Networks using Dynamic Host Configuration Protocol (DHCP) require that this Active Scan setting be enabled to properly track hosts.
Track hosts which have been issued IP addresses
Asset lists are dynamically or statically generated lists of hosts.
True
CMRS is a tool to provide DoD component- and enterprise-level situational awareness by quantitatively displaying an organization's security posture.
True
Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise.
True
Multiple organizations can have access to the same repository.
True
PVS detects vulnerabilities based on network traffic instead of actively scanning hosts.
True
SecurityCenter displays vulnerability data at varying levels and views ranging from the highest level summary down to a detailed vulnerability list.
True
SecurityCenter must be able to connect to each Nessus scanner in your network on a distinct IP address.
True
The IP address(es) you are scanning must be contained in both the definition of the scan zone and the definition of the repository.
True
The Nessus scanner monitors data at rest, while the PVS monitors data in motion.
True
The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data.
True
Tickets can be automatically generated from an alert or manually created.
True
Users in different groups using the same shared asset list could see different IP addresses in the list.
True
You can add a dashboard from a pre-built dashboard template or create a custom dashboard.
True
You can associate multiple credentials with a single scan.
True
You may only select one import repository per scan.
True
Your system can suffer a security breach and still be compliant.
True
What two ways can you use to add a dynamic asset list?
Use a template or create a set of rules, Create a set of rules or a scan policy
Vulnerability filters are available to search on the following categories.
Vulnerability Information, Targets, ID Numbers, Dates
You can configure SecurityCenter to perform alerts based on the following condition types: ___________, ____________, or ____________ .
Vulnerability, Event, Ticket Occurrences
All of these are examples of Dashboard components except which one?
XY Axis Graph
Which statement about Nessus scanners is NOT correct?
You must have at least 2 Nessus scanners behind the firewall.
Which Port Scanning Range option tells the scanner to scan only common ports?
default (of 4605 common ports)
Frequently used _____________ can be saved as _____________ for use in analysis, dashboards, reports, tickets, and alerts.
filters, queries
SecurityCenter organizations are that have responsibilities for __________.
groups of individuals, a set of common assets