What is ACAS? - ANSWER ACAS is a network-based security compliance and
assessment capability designed to provide awareness of the security posture and
network health of DoD networks.
Which of the following best describes the SecurityCenter? - ANSWER The central
console that provides continuous asset-based security and compliance monitoring
A vulnerability is a weakness or an attack that can compromise your system. -
ANSWER False (a vulnerability does not include an attack)
The Nessus scanner monitors data at rest, while the PVS monitors data in motion. -
ANSWER True
PVS detects vulnerabilities based on network traffic instead of actively scanning
hosts. - ANSWER True
Which ACAS component performs active vulnerability and compliance scanning? -
ANSWER Nessus
CMRS is a tool to provide DoD component- and enterprise-level situational
awareness by quantitatively displaying an organization's security posture. -
ANSWER True
Select the Task Order for the Implementation of Assured Compliance Assessment
Solution (ACAS) for the Enterprise: - ANSWER 13-670
Which page loads by default when you log in to SecurityCenter? Select the best
answer. - ANSWER Dashboard
Which of the following pages show the date and time of the most recent plugin
updates? - ANSWER Plugins, Feeds
Which page allows you to set your local time zone? - ANSWER Profile
What is an organization? - ANSWER A group of individuals who are responsible for
a set of common assets
What is a scan zone? - ANSWER A defined static range of IP addresses with an
associated Nessus scanner(s)
What is the maximum size of a SecurityCenter 5 Repository? - ANSWER 32 GB
The IP address(es) you are scanning must be contained in both the definition of the
scan zone and the definition of the repository. - ANSWER True
What SecurityCenter role is responsible for setting up scan zones? - ANSWER
Administrator
How can you get your SecurityCenter plugin updates? - ANSWER Automatically,
from DISA's plugin server, Manually from the DoD Patch Repository
The SecurityCenter Plugins menu displays a list of script files used by Nessus and
PVS scanners to collect and interpret vulnerability, compliance, and configuration
data. - ANSWER True
Which of the following are options you can consider for scanning stand-alone
networks? - ANSWER Install both Nessus and SecurityCenter on a Linux Laptop
using Kickstart, Install both Nessus and SecurityCenter in virtual machines on a
Windows 7 laptop, Detach a Nessus scanner from its SecurityCenter for scanning
purposes and then reattach to SecurityCenter to upload scan results
Components of an Active Vulnerability Scan consist of: a policy, credentials, scan
zone, schedule, _________, and __________. - ANSWER Repository, Target list
_________ are administrative-level usernames and passwords (or SSH keypairs)
used in authenticated scans. - ANSWER Credentials
You can associate multiple credentials with a single scan. - ANSWER True
Networks using Dynamic Host Configuration Protocol (DHCP) require that this Active
Scan setting be enabled to properly track hosts. - ANSWER Track hosts which have
been issued IP addresses
Which type of scan obtains information by authenticating to the host to access
resources not available over the network? - ANSWER Credentialed
You may only select one import repository per scan. - ANSWER True
Once a scan is running, you cannot pause or stop the scan until it has completed
running. - ANSWER False
Which Port Scanning Range option tells the scanner to scan only common ports? -
ANSWER default (of 4605 common ports)
In a low-bandwidth environment, which of the following options might you adjust to
try to improve scanning performance? - ANSWER Max Simultaneous Checks Per
Host, Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy? - ANSWER
Determines the impact of a scan related to scan times and network behavior
You can configure the targets for your Blackout Window to include which of the
following? - ANSWER All Systems, Assets, IPs, Mixed