Annex D Part III - Assured Compliance Assessment Solution (ACAS) Questions with 100% Correct Answers | Verified | Latest Update 2024, Complete Solutions

Annex
D:
Part
III
-
Assured
Compliance
Assessment
Solution
(ACAS)
________________
only
scans
for
and
reports
on
automated
checks
-
ANS-ACAS
________________
only
scans
for
and
reports
on
automated
checks
-
ANS-ACAS
__________________
are
text
files
that
contain
the
specific
configuration,
file
permission,
and
access
control
tests
to
be
performed.
-
ANS-Audit
Files
__________________
are
text
files
that
contain
the
specific
configuration,
file
permission,
and
access
control
tests
to
be
performed.
-
ANS-Audit
Files
____________________
is
retained
according
to
administrator-defined
expiration
settings
-
ANS-Scan
Data
____________________
is
retained
according
to
administrator-defined
expiration
settings
-
ANS-Scan
Data
_____________________
are
proprietary
data
files,
residing
on
the
security
center,
that
store
scan
results
-
ANS-Repositories
_____________________
are
proprietary
data
files,
residing
on
the
security
center,
that
store
scan
results
-
ANS-Repositories
_______________________
contain
IP
address
and
vulnerability
information
obtained
via
network
synchronization
with
a
second
(remote)
Security
Center
-
ANS-Remote
Repositories
_______________________
contain
IP
address
and
vulnerability
information
obtained
via
network
synchronization
with
a
second
(remote)
Security
Center
-
ANS-Remote
Repositories
___________________are
active
repositories
of
Security
Center
data
collected
via
scanners
attached
to
the
local
Security
Center
-
ANS-Local
repositories
___________________are
active
repositories
of
Security
Center
data
collected
via
scanners
attached
to
the
local
Security
Center
-
ANS-Local
repositories
___________________enable
Security
Center
to
obtain
repository
data
via
manual
file
export/import
from
a
remote
Security
Center
that
is
not
network-accessible
-
ANS-Office
Repositories ___________________enable
Security
Center
to
obtain
repository
data
via
manual
file
export/import
from
a
remote
Security
Center
that
is
not
network-accessible
-
ANS-Office
Repositories
____________,
______________,
and
____________
are
the
three
types
of
repositories
-
ANS-Local,
Remote,
and
Offline
____________,
______________,
and
____________
are
the
three
types
of
repositories
-
ANS-Local,
Remote,
and
Offline
A
repository
has_________
a
GB
limit
and
is
not
organization
specific.
-
ANS-32
A
repository
has_________
a
GB
limit
and
is
not
organization
specific.
-
ANS-32
ACAS
Repositories
-
ANS-1.
Local
2.
Remote
3.
Offline
ACAS
Repositories
-
ANS-1.
Local
2.
Remote
3.
Offline
Access
to
a
repository
is
controlled
by:
-
ANS-The
administrator
Access
to
a
repository
is
controlled
by:
-
ANS-The
administrator
Compliance
-
ANS-DISA
will
generate
the
STIGs
based
on
secure
recommendations
from
software
vendors.
Then
the
STIG
configuration
settings
are
converted
to
SCAP
content,
imported
into
Security
Center,
and
used
by
Nessus
Scanners
to
audit
asset
configurations
for
compliance
Compliance
-
ANS-DISA
will
generate
the
STIGs
based
on
secure
recommendations
from
software
vendors.
Then
the
STIG
configuration
settings
are
converted
to
SCAP
content,
imported
into
Security
Center,
and
used
by
Nessus
Scanners
to
audit
asset
configurations
for
compliance
Defining
Audit
Files
-
ANS--text
files
that
contain
the
specific
configuration
-file
permission
-access
control
tests
to
be
performed.
come
from:
1)
Tenable
network
security
templates
(SC
5)
2)
DISA
STIG
automated
benchmarks
(.zip)