ACAS TRAINING REVIEW EXAM
Questions with 100% Verified Answers
ALREADY GRADED A+ Latest Versions
2025
What is a Tenable Scan policy - ANSWERIn Tenable's Security Center (now part of
Tenable.sc for clarity), a scan policy is a comprehensive set of configurations that
dictate how vulnerability scans are conducted. It contains:
Plugin Settings: Defines which plugins are enabled or disabled for a scan. Plugins are
scripts that check for specific types of vulnerabilities.
Advanced Directives: These are configurations that fine-tune the scanning process,
adjusting it for specific requirements or environments.
When an administrator creates a scan policy in Tenable Security Center, they're
essentially setting up the rules and conditions under which a scan will operate. This
includes the depth of the scan, the types of vulnerabilities to look for, and how
aggressively the scan should attempt to identify potential security issues. T
Tenable.sc repostirories are - ANSWERA repository database is crucial for storing
detailed information about network vulnerabilities, compliance data, and other security-
related insights derived from scans across an organization's network. Key points about
the Tenable.sc repositories include:Repositories: The Tenable.sc database is organized
into repositories, which are specialized databases within Tenable.sc designed for
scalable and configurable data storage.
These repositories store detailed information collected during security and vulnerability
assessments .
JFHQ-DODIN TASKORD for ACAS deployment - ANSWERTASKORD 20-0020
ACAS acronym - ANSWERAssured Compliance Assessment Solution
What is the DoD Server feed for Tenable.sc plugins? - ANSWERDISA Plugin Server
ACAS architecture process step - ANSWERScan results are sent back to Tenable.sc
According to the ACAS Best Practices Guide/ACAS TASKORD, both Discovery and
Vulnerability Scans are to be credentialed.
True
False - ANSWERTrue
Per the TASKORD the organization will conduct discovery scans of the site's assigned
IP space (active and inactive IP addresses and ranges) at least once every how many
days?
Select the best answer (per the Best Practices Guide).
,a. 7
b. 14
c. 21
d. 30 - ANSWERd
Which of the custom DISA scan policies on the Patch Repository has most or all the
plugin families enabled?
Select the best answer.
a. OS Discovery
b. Vulnerability
c. Configuration
d. Differential - ANSWERb
It has been 8 days since your last full, credentialed vulnerability scan. What is your
current compliance status?
Select the best statement that reflects your compliance status.
a. In compliance because vulnerability scans are only required every 30 days
b. In compliance because vulnerability scans are only required every 14 days
c. Out of compliance because vulnerability scans are required every 7 days.
, d. Out of compliance because vulnerability scans required daily. - ANSWERc
Today is Friday, and you are getting ready to run your weekly vulnerability scans. Your
last discovery scan was performed on Monday.
Select the best statement that describes your compliance status.
a. In compliance because vulnerability scans are to be initiated no less than 14 days
after the discovery scan/operation is "Completed"
b. In compliance because active plugins must be updated no less than 7 days after the
discovery scan/operation is "Completed"
c. Out of compliance because vulnerability scans are to be initiated not later than (NLT)
72 hours after the discovery scan/operation is "Completed"
d. Out of compliance because vulnerability scans are to be initiated no less thank 24
hours after the discovery scan/operation is "Completed" - ANSWERc
What vulnerabilities are stored in Tenable.sc's Cumulative Repository?
Select the best answer.
a. Newly mitigated vulnerabilities
b. Vulnerabilities discovered from the most recent scan
c. Vulnerabilities discovered from the current days scan
d. Current vulnerabilities, including those that have been recast, accepted, or mitigated
and found vulnerable on rescan - ANSWERd
Cumulative Vulnerabilities
The cumulative database contains currently vulnerable vulnerabilities, including recast,
accepted, or previously mitigated vulnerabilities.
Mitigated Vulnerabilities
The mitigated database contains vulnerabilities that Tenable Security Center
determines are not vulnerable, based on the scan definition, the results of the scan, the
current state of the cumulative view, and authentication information.
Frequently used can be saved as for use in analysis,
dashboards, reports, tickets, and alerts.
Select the best answer to complete the statement.
a. plugins, tickets
b. scans, policies
c. filters, queries
d. filters, alerts - ANSWERc
Accept Risk allows user to accept risks for vulnerabilities which removes
them from the default view for analysis, dashboards, and reports. Per the
Best Practices Guide, any recast or accepted risk should be .
Select the answer(s) to complete the statement. - ANSWERAccepted by the AO at your
site/facility
Questions with 100% Verified Answers
ALREADY GRADED A+ Latest Versions
2025
What is a Tenable Scan policy - ANSWERIn Tenable's Security Center (now part of
Tenable.sc for clarity), a scan policy is a comprehensive set of configurations that
dictate how vulnerability scans are conducted. It contains:
Plugin Settings: Defines which plugins are enabled or disabled for a scan. Plugins are
scripts that check for specific types of vulnerabilities.
Advanced Directives: These are configurations that fine-tune the scanning process,
adjusting it for specific requirements or environments.
When an administrator creates a scan policy in Tenable Security Center, they're
essentially setting up the rules and conditions under which a scan will operate. This
includes the depth of the scan, the types of vulnerabilities to look for, and how
aggressively the scan should attempt to identify potential security issues. T
Tenable.sc repostirories are - ANSWERA repository database is crucial for storing
detailed information about network vulnerabilities, compliance data, and other security-
related insights derived from scans across an organization's network. Key points about
the Tenable.sc repositories include:Repositories: The Tenable.sc database is organized
into repositories, which are specialized databases within Tenable.sc designed for
scalable and configurable data storage.
These repositories store detailed information collected during security and vulnerability
assessments .
JFHQ-DODIN TASKORD for ACAS deployment - ANSWERTASKORD 20-0020
ACAS acronym - ANSWERAssured Compliance Assessment Solution
What is the DoD Server feed for Tenable.sc plugins? - ANSWERDISA Plugin Server
ACAS architecture process step - ANSWERScan results are sent back to Tenable.sc
According to the ACAS Best Practices Guide/ACAS TASKORD, both Discovery and
Vulnerability Scans are to be credentialed.
True
False - ANSWERTrue
Per the TASKORD the organization will conduct discovery scans of the site's assigned
IP space (active and inactive IP addresses and ranges) at least once every how many
days?
Select the best answer (per the Best Practices Guide).
,a. 7
b. 14
c. 21
d. 30 - ANSWERd
Which of the custom DISA scan policies on the Patch Repository has most or all the
plugin families enabled?
Select the best answer.
a. OS Discovery
b. Vulnerability
c. Configuration
d. Differential - ANSWERb
It has been 8 days since your last full, credentialed vulnerability scan. What is your
current compliance status?
Select the best statement that reflects your compliance status.
a. In compliance because vulnerability scans are only required every 30 days
b. In compliance because vulnerability scans are only required every 14 days
c. Out of compliance because vulnerability scans are required every 7 days.
, d. Out of compliance because vulnerability scans required daily. - ANSWERc
Today is Friday, and you are getting ready to run your weekly vulnerability scans. Your
last discovery scan was performed on Monday.
Select the best statement that describes your compliance status.
a. In compliance because vulnerability scans are to be initiated no less than 14 days
after the discovery scan/operation is "Completed"
b. In compliance because active plugins must be updated no less than 7 days after the
discovery scan/operation is "Completed"
c. Out of compliance because vulnerability scans are to be initiated not later than (NLT)
72 hours after the discovery scan/operation is "Completed"
d. Out of compliance because vulnerability scans are to be initiated no less thank 24
hours after the discovery scan/operation is "Completed" - ANSWERc
What vulnerabilities are stored in Tenable.sc's Cumulative Repository?
Select the best answer.
a. Newly mitigated vulnerabilities
b. Vulnerabilities discovered from the most recent scan
c. Vulnerabilities discovered from the current days scan
d. Current vulnerabilities, including those that have been recast, accepted, or mitigated
and found vulnerable on rescan - ANSWERd
Cumulative Vulnerabilities
The cumulative database contains currently vulnerable vulnerabilities, including recast,
accepted, or previously mitigated vulnerabilities.
Mitigated Vulnerabilities
The mitigated database contains vulnerabilities that Tenable Security Center
determines are not vulnerable, based on the scan definition, the results of the scan, the
current state of the cumulative view, and authentication information.
Frequently used can be saved as for use in analysis,
dashboards, reports, tickets, and alerts.
Select the best answer to complete the statement.
a. plugins, tickets
b. scans, policies
c. filters, queries
d. filters, alerts - ANSWERc
Accept Risk allows user to accept risks for vulnerabilities which removes
them from the default view for analysis, dashboards, and reports. Per the
Best Practices Guide, any recast or accepted risk should be .
Select the answer(s) to complete the statement. - ANSWERAccepted by the AO at your
site/facility
