ACAS Review Questions and Answers 2022 with complete solution

ACAS Review Questions and Answers 2022 with complete solution Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. Repository and Target List ______ are administrative level usernames and passwords used in authenticated scans? Credentials True/False: You can associate multiple credentials with a single scan True Networks using DHCP require what Active Scan setting be enabled to properly track hosts Track hosts which have been issued new IP addresses Which type of scan obtains information by authenticating to the host access resources not available over the network Credentialed True/False: You may only select one import repository per scan True True/False: Once a scan is running, you cannot pause or stop it until it is completed False Which Port Scanning Range option tells the scanner to scan only common ports? Default In a low-bandwidth environment, which options might you adjust to try to improve scanning performance? Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan What is the function of Performance Options in the Scan Policy? Determines the impact of a scan related to scan times and network behavior You can configures the targets for you Blackout Window to include... All Systems, Assets, IPs, Mixed Which Scan Policy types allows you to select Plugin Families you want? Custom Advanced Scan What is an organization? A group of individuals who are responsible for a set of common assets What is a scan zone? A defined static range of IP addresses with an associated Nessus scanner What is the maximum size of a SecurityCenter 5 Repository? 32GB True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone and the definition of the repository True What SecurityCenter Role is responsible for setting scan zones? Admin How can you get your SecurityCenter Plugin updates? Automatically from DISA's plugin server or Manually from the DoD Patch Repository True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. True Which options can you consider for scanning stand-alone networks. Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload scan results Which page loads by default when you log in to SecurityCenter? Dashboard Which of the pages show the date and time of the most recent plugin updates? Feeds or Plugins Which page allows you to set your local time zone Profile True/False: Asset lists are dynamically or statically generated lists of hosts True Which type of asset list updates automatically when a scan runs and a repository is updated? Dynamic What is a static asset list? A list of IP addresses that require user intervention in order to change what defines them What two ways can you use to add a dynamic asset list? Use a template or create a set of rules When you create a dynamic asset list, what occurs? SecurityCenter queries the repository to find assets that match the dynamic asset list's rules True/False: Users in different groups using the same shared asset list could see different IP addresses in the list True What two areas in Security Center allow you to analyze scan results? The Scan Results page and The Vulnerabilities page True/False: SecurityCenter displays vulnerability data at varying levels and views ranging from the highest level summary down to a detailed vulnerability list. True What vulnerabilities are stored in SecurityCenter's Cumulative database Current vulnerabilities, including those that have been recast, accepted, or mitigated and found vulnerable on rescan. Which analysis tool provides a list of vulnerabilities that relate to DoD Information Assurance Vulnerability Alerts and Bulletins? IAVM Summary Vulnerability filters are available to search on what categories Vulnerability Information, Targets, ID Numbers, and Dates Frequently used ______ can be saved as ______ for use in analysis, dashboards, reports, tickets, and alerts. Filters, Queries Vulnerability results can be exported to a comma-separated file by clicking on ____. Options > Export as CSV Which of the following allows you to set an expiration date? Accepted Risk Which SecurityCenter resources allow you to combine filters to provide to provide customized, saved views of vulnerability scan data? Queries PVS monitors data at the ____ layer? Packet All of the following are benefits of PVS except ____; 1. Network deployment on several different Operating Systems 2. Monitoring your network between active scans 3. Identifying vulnerabilities in areas where you cannot actively scan 4. Eliminating the need for active scans 4. Eliminating the need for active scans Which of the following statements is true: 1. PVS is capable of highlighting all interactive and encrypted network sessions 2. PVS is capable of decrypting encrypted network sessions 1. PVS is capable of highlighting all interactive and encrypted network sessions True/False: A Passive Vulnerability Scanner is simply a Network Intrusions Detection System (NIDS) False Which vulnerability filter settings results in viewing only vulnerabilities detected by PVS Plugin Type = Passive Systems and devices are compliant when they are ______ In accordance with established guidelines, specifications or legislation. True/False: Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. True True/False: You system can suffer a security breach and still be compliant True Acceptable audit files for SecurityCenter include... Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (Ingested in .zip format), and SCAP compliant checklists from NIST (.xccdf) Which SecurityCenter menu option do you use to upload audit files? Scans In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit. compliance plugins, Audit file, system, or Database credentials. Which vulnerability severity level indicates a failed compliance item? High Which SecurityCenter resources define specific configurations for compliance scanning? Audit Files Which of the following is not a valid SecurityCenter report type? 1. CSV 2. HTML 3. ARF 4. RTF 5. ASR 6. PDF HTML You've just added a new report using a template. Which option allows you to specify an Asset (List), IP Address, and/or Repository? Focus Which report tab allows you to customize your report elements? Definition True/False: You can change the report type of an existing custom report False Which Distribution option allows you to send report results to a user in a different organization? Email Addresses True/False: You can add a dashboard from a pre-built dashboard template or create a custom dashboard True The Dashboard Options button displays which of the following selections? 1. Add Dashboard 2. Manage Dashboards 3. Edit Dashboard 4. Share Dashboard 5. All of the Above All of the Above Which of the following types of information can you display on your Dashboard in SecurityCenter? 1. Compliance Data 2. Vulnerability Data 3. Trends 4. Organizational Structure 5. All of the Above All of the Above What new functionality was added in SecurityCenter 5 under the Dashboard menu? Assurance Report Cards All of these are examples of Dashboard components except which one? 1. Table 2. Pie Chart