ACAS (Assured Compliance Assessment
Solution) UPDATED ACTUAL Questions
and CORRECT Answers
ACAS (Assured Compliance Assessment Solution) - CORRECT ANSWER - is a network-
based security compliance and assessment capability designed to provide awareness of the
security posture and network health of DoD networks
SecurityCenter - CORRECT ANSWER - is the central console for the ACAS system tools
and data
ACAS components - CORRECT ANSWER - SecurityCenter
Nessus- active scanner
PVS (passive vulnerability scanner) - sniffs the network
3D tool/optional - port 443
ACAS components perform these main functions: - CORRECT ANSWER - - Discover
assets
- Detect vulnerabilities and data leaks
- Conduct configuration and compliance audits
- Publish findings to Continuous Monitoring and Risk Scoring (CMRS)
Plug-in - CORRECT ANSWER - displays a list of script files used by Nessus/PVS
scanners to collect and interpret vulnerability, compliance, and configuration data
Things that can be scanned for security data - CORRECT ANSWER - servers,
workstations, peripherals, Mobile device Management Servers, network servers
, PVS (Passive Vulnerability Scanner) - CORRECT ANSWER - watches and determines
vulnerabilities based on network traffic, instead of actively scanning
Compliance - CORRECT ANSWER - a state of being in accordance with established
guidelines, specifications or legislation, or the process of becoming so
CMRS ( Continuous Monitoring and Risk Scoring) - CORRECT ANSWER - a tool to
provide DoD component - and enterprise-level situational awareness by quantitatively displaying
an organization's security posture
Task Order 13-670 - CORRECT ANSWER - Implementation of ACAS
What is the 1st screen you see when you log in to SecurityCenter? - CORRECT
ANSWER - Dashboard
SecurityCenter Building Blocks - CORRECT ANSWER - -Organization
-Role, Group, and User Definition
-Scan Zone (and Nessus Scanners)
-Repository
-Plugin
Organization - CORRECT ANSWER - groups of individuals responsible for a set of
common assets
Scan Zones - CORRECT ANSWER - a defined static range of IP addresses that can be
scanned by one or more Nessus Scanners
Repositories - CORRECT ANSWER - are proprietary data files, residing on the Security
Center, that store scan results
Solution) UPDATED ACTUAL Questions
and CORRECT Answers
ACAS (Assured Compliance Assessment Solution) - CORRECT ANSWER - is a network-
based security compliance and assessment capability designed to provide awareness of the
security posture and network health of DoD networks
SecurityCenter - CORRECT ANSWER - is the central console for the ACAS system tools
and data
ACAS components - CORRECT ANSWER - SecurityCenter
Nessus- active scanner
PVS (passive vulnerability scanner) - sniffs the network
3D tool/optional - port 443
ACAS components perform these main functions: - CORRECT ANSWER - - Discover
assets
- Detect vulnerabilities and data leaks
- Conduct configuration and compliance audits
- Publish findings to Continuous Monitoring and Risk Scoring (CMRS)
Plug-in - CORRECT ANSWER - displays a list of script files used by Nessus/PVS
scanners to collect and interpret vulnerability, compliance, and configuration data
Things that can be scanned for security data - CORRECT ANSWER - servers,
workstations, peripherals, Mobile device Management Servers, network servers
, PVS (Passive Vulnerability Scanner) - CORRECT ANSWER - watches and determines
vulnerabilities based on network traffic, instead of actively scanning
Compliance - CORRECT ANSWER - a state of being in accordance with established
guidelines, specifications or legislation, or the process of becoming so
CMRS ( Continuous Monitoring and Risk Scoring) - CORRECT ANSWER - a tool to
provide DoD component - and enterprise-level situational awareness by quantitatively displaying
an organization's security posture
Task Order 13-670 - CORRECT ANSWER - Implementation of ACAS
What is the 1st screen you see when you log in to SecurityCenter? - CORRECT
ANSWER - Dashboard
SecurityCenter Building Blocks - CORRECT ANSWER - -Organization
-Role, Group, and User Definition
-Scan Zone (and Nessus Scanners)
-Repository
-Plugin
Organization - CORRECT ANSWER - groups of individuals responsible for a set of
common assets
Scan Zones - CORRECT ANSWER - a defined static range of IP addresses that can be
scanned by one or more Nessus Scanners
Repositories - CORRECT ANSWER - are proprietary data files, residing on the Security
Center, that store scan results
