ANNEX D: SECURITY (HBSS + ACAS)
UPDATED Exam Questions and
CORRECT Answers
Security Technical Information Guide (STIG) - CORRECT ANSWER - A carefully
crafted document that includes not only DoD policies and security regulations, but also up-todate
best practices and configuration guidelines. These guidelines are used for securing a specific
system or application in accordance with DoD requirements.
Host-Based Security Systems (HBSS) - CORRECT ANSWER - A host based security
system, which means it is located on the individual workstation or the host. Uses multiple
different modules to monitor, detect, and counter against known cyber threats.
Assured Compliance Assessment Solution (ACAS) - CORRECT ANSWER - Consists of a
suite of products to include Red Hat Enterprise Linux, Security Center, Nessus Scanner and the
Nessus Network Monitor (formerly the Passive Vulnerability Scanner) which is provided by
DISA to DoD Customers.
Public Key Infrastructure (PKI) - CORRECT ANSWER - A framework that consists of
hardware, software, people, processes, and policies, that together helps identify and solve
information security problems for you by establishing safe and reliable environment for
electronic transactions in the internet.
Public Key Encryption - CORRECT ANSWER - Protects the confidentiality, integrity,
authenticity and non-repudiation of data.
Why do we use HBSS - CORRECT ANSWER - US Cyber Command (USCYBERCOM)
mandates that HBSS be installed on every DoD system.
HBSS Components - CORRECT ANSWER - ePolicy Orchestrator Server, the McAfee
Agent, the distributed repositories, and the registered servers.
, McAfee Agent - CORRECT ANSWER - Its job is to provide a secure communication
channel to the ePO and manages all of the other modules that will be installed on the client
machine (VSE, HIPS, etc.).
Agent to Server Communication Interval (ASCI) - CORRECT ANSWER - Determines
how often the agent checks in with the ePO. Default is 60 minutes.
Agent to Server Communication (ASCI) - CORRECT ANSWER - Encrypted
communication using Secure Sockets Layer (SSL) or Transport Layer Security (TLS). All
encryption is 128-bit strength and, except for Mac OS X, is FIPS 140-2 compliant.
Wake-up calls - CORRECT ANSWER - When the ePO forces the managed machine to
initiate an ASCI outside of its normal interval.
ACAS Repositories - CORRECT ANSWER - Proprietary data files, residing on the
security center, that store scan results. Every time a scan is initiated, the scan results are imported
into one repository.
ACAS Repository Types - CORRECT ANSWER - Local, Remote, and Offline
Repositories
Local Repository - CORRECT ANSWER - Active repositories of Security Center data
collected via scanners attached to the local Security Center.
Remote Repository - CORRECT ANSWER - Contain IP address and vulnerability
information obtained via network synchronization with a second (remote) Security Center.
Offline Repository - CORRECT ANSWER - Enable Security Center to obtain repository
data via manual file export/import from a remote Security Center that is not network-accessible.
UPDATED Exam Questions and
CORRECT Answers
Security Technical Information Guide (STIG) - CORRECT ANSWER - A carefully
crafted document that includes not only DoD policies and security regulations, but also up-todate
best practices and configuration guidelines. These guidelines are used for securing a specific
system or application in accordance with DoD requirements.
Host-Based Security Systems (HBSS) - CORRECT ANSWER - A host based security
system, which means it is located on the individual workstation or the host. Uses multiple
different modules to monitor, detect, and counter against known cyber threats.
Assured Compliance Assessment Solution (ACAS) - CORRECT ANSWER - Consists of a
suite of products to include Red Hat Enterprise Linux, Security Center, Nessus Scanner and the
Nessus Network Monitor (formerly the Passive Vulnerability Scanner) which is provided by
DISA to DoD Customers.
Public Key Infrastructure (PKI) - CORRECT ANSWER - A framework that consists of
hardware, software, people, processes, and policies, that together helps identify and solve
information security problems for you by establishing safe and reliable environment for
electronic transactions in the internet.
Public Key Encryption - CORRECT ANSWER - Protects the confidentiality, integrity,
authenticity and non-repudiation of data.
Why do we use HBSS - CORRECT ANSWER - US Cyber Command (USCYBERCOM)
mandates that HBSS be installed on every DoD system.
HBSS Components - CORRECT ANSWER - ePolicy Orchestrator Server, the McAfee
Agent, the distributed repositories, and the registered servers.
, McAfee Agent - CORRECT ANSWER - Its job is to provide a secure communication
channel to the ePO and manages all of the other modules that will be installed on the client
machine (VSE, HIPS, etc.).
Agent to Server Communication Interval (ASCI) - CORRECT ANSWER - Determines
how often the agent checks in with the ePO. Default is 60 minutes.
Agent to Server Communication (ASCI) - CORRECT ANSWER - Encrypted
communication using Secure Sockets Layer (SSL) or Transport Layer Security (TLS). All
encryption is 128-bit strength and, except for Mac OS X, is FIPS 140-2 compliant.
Wake-up calls - CORRECT ANSWER - When the ePO forces the managed machine to
initiate an ASCI outside of its normal interval.
ACAS Repositories - CORRECT ANSWER - Proprietary data files, residing on the
security center, that store scan results. Every time a scan is initiated, the scan results are imported
into one repository.
ACAS Repository Types - CORRECT ANSWER - Local, Remote, and Offline
Repositories
Local Repository - CORRECT ANSWER - Active repositories of Security Center data
collected via scanners attached to the local Security Center.
Remote Repository - CORRECT ANSWER - Contain IP address and vulnerability
information obtained via network synchronization with a second (remote) Security Center.
Offline Repository - CORRECT ANSWER - Enable Security Center to obtain repository
data via manual file export/import from a remote Security Center that is not network-accessible.
