1|Page
ACAS Study Questions and Answers
100% Pass
The central console that provides continuous asset-based security and compliance monitoring is
____________. - ✔✔Tenable.sc
The tool that probes hosts and does active vulnerability and compliance scanning is
______________________ - ✔✔Nessus Active Vulnerability Scanner
The tool that can manage scan data, run scans and pull in data from various Nessus Agent is the
________________. - ✔✔Nessus Manager
The Passive Scanner that detects vulnerabilities by sniffing network traffic is the
__________________________________________. - ✔✔Nessus Network Monitor
What is ACAS? - ✔✔ACAS is a network-based security compliance and assessment capability designed
to provide awareness of the security posture and network health of
DoD networks
What is the task order for the implementation of enterprise use of ACAS? - ✔✔20-0020
T/F
A vulnerability is a weakness of attack that can compromise your system - ✔✔FALSE
A vulnerability is not an attack, it is a weakness
Author. Emily Charlene, ©2025 All Rights Reserved.
,2|Page
T/F
The Nessus scanner monitors data at rest, while the NNM monitors data in motion - ✔✔TRUE
A lightweight program installed on the host that gives you visibility into other IT assets that connect
intermittently to the internet - ✔✔A Nessus Agent
Which page loads by default when you log into Tenable.sc? - ✔✔Dashboard
Which of the following pages displays the update schedule for updating the active and passive plugins
on security manager's interface? - ✔✔Feeds
Which page allows you to set your local time zone? - ✔✔Profile
What can you do on the plugins page of Tenable.sc? - ✔✔Search for specific plugins, view plugin details
and source and upload custom plugins
A group of users responsible for a specific number of assets is an _______________. - ✔✔Organization
A defined static range of IP addresses with an associated Nessus scanner is called a
_____________________. - ✔✔Scan Zone
A set of proprietary data files that stores scan results and resides on the Tenable.sc is known as a
_____________________. - ✔✔Repository
A script file used to collect and interpret vulnerability, compliance and configuration is a ____________. -
✔✔Plugin
What is the maximum size of a Tenable.sc repository? - ✔✔32 GB
T/F
The IP address you are scanning must be contained in both the definition of the scan zone and the
definition of the repository - ✔✔True
Author. Emily Charlene, ©2025 All Rights Reserved.
, 3|Page
What Tenable.sc role is responsible for setting up scan zones? - ✔✔Administrator
Per the ACAS contract, how can you get your Tenable.sc plugin updates? - ✔✔Automatically from
DISA's plugin server or manually form the DoD patch repository
According to the ACAS contract, what are the three allowable options for scanning stand alone networks?
- ✔✔1) Install both Nessus and Tenable on a Lunix system using the ACAS kickstart
2) Configure a windows OS with VM software, installing both Tenable and Nessus on the virtual
machines
3) Detach the Nessus system from Tenable and place it in the isolated enclave for scanning. Once
Scanning is complete, reattach Nessus to the tenable and manually upload scan results
Components of an actve vulnerability scan consist of: a scan policy, schedule, credentials, scan zone,
import repo and ________________. - ✔✔Targets
____________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated
scans? - ✔✔Credentials
Networks using dynamic host configuration protocol (SHCP) require that this active scan setting be
enabled to properly track hosts. - ✔✔Track hosts which have been issued new IP addresses
Which type of scan is able to run local checks? - ✔✔Credentialed
T/F
You may only select one import repository per scan - ✔✔TRUE
T/F
Author. Emily Charlene, ©2025 All Rights Reserved.
ACAS Study Questions and Answers
100% Pass
The central console that provides continuous asset-based security and compliance monitoring is
____________. - ✔✔Tenable.sc
The tool that probes hosts and does active vulnerability and compliance scanning is
______________________ - ✔✔Nessus Active Vulnerability Scanner
The tool that can manage scan data, run scans and pull in data from various Nessus Agent is the
________________. - ✔✔Nessus Manager
The Passive Scanner that detects vulnerabilities by sniffing network traffic is the
__________________________________________. - ✔✔Nessus Network Monitor
What is ACAS? - ✔✔ACAS is a network-based security compliance and assessment capability designed
to provide awareness of the security posture and network health of
DoD networks
What is the task order for the implementation of enterprise use of ACAS? - ✔✔20-0020
T/F
A vulnerability is a weakness of attack that can compromise your system - ✔✔FALSE
A vulnerability is not an attack, it is a weakness
Author. Emily Charlene, ©2025 All Rights Reserved.
,2|Page
T/F
The Nessus scanner monitors data at rest, while the NNM monitors data in motion - ✔✔TRUE
A lightweight program installed on the host that gives you visibility into other IT assets that connect
intermittently to the internet - ✔✔A Nessus Agent
Which page loads by default when you log into Tenable.sc? - ✔✔Dashboard
Which of the following pages displays the update schedule for updating the active and passive plugins
on security manager's interface? - ✔✔Feeds
Which page allows you to set your local time zone? - ✔✔Profile
What can you do on the plugins page of Tenable.sc? - ✔✔Search for specific plugins, view plugin details
and source and upload custom plugins
A group of users responsible for a specific number of assets is an _______________. - ✔✔Organization
A defined static range of IP addresses with an associated Nessus scanner is called a
_____________________. - ✔✔Scan Zone
A set of proprietary data files that stores scan results and resides on the Tenable.sc is known as a
_____________________. - ✔✔Repository
A script file used to collect and interpret vulnerability, compliance and configuration is a ____________. -
✔✔Plugin
What is the maximum size of a Tenable.sc repository? - ✔✔32 GB
T/F
The IP address you are scanning must be contained in both the definition of the scan zone and the
definition of the repository - ✔✔True
Author. Emily Charlene, ©2025 All Rights Reserved.
, 3|Page
What Tenable.sc role is responsible for setting up scan zones? - ✔✔Administrator
Per the ACAS contract, how can you get your Tenable.sc plugin updates? - ✔✔Automatically from
DISA's plugin server or manually form the DoD patch repository
According to the ACAS contract, what are the three allowable options for scanning stand alone networks?
- ✔✔1) Install both Nessus and Tenable on a Lunix system using the ACAS kickstart
2) Configure a windows OS with VM software, installing both Tenable and Nessus on the virtual
machines
3) Detach the Nessus system from Tenable and place it in the isolated enclave for scanning. Once
Scanning is complete, reattach Nessus to the tenable and manually upload scan results
Components of an actve vulnerability scan consist of: a scan policy, schedule, credentials, scan zone,
import repo and ________________. - ✔✔Targets
____________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated
scans? - ✔✔Credentials
Networks using dynamic host configuration protocol (SHCP) require that this active scan setting be
enabled to properly track hosts. - ✔✔Track hosts which have been issued new IP addresses
Which type of scan is able to run local checks? - ✔✔Credentialed
T/F
You may only select one import repository per scan - ✔✔TRUE
T/F
Author. Emily Charlene, ©2025 All Rights Reserved.
