ACAS Training and Best Practice Review EXAM WITH MULTIPLE, CORRECTLY ANSWERED QUESTIONS ALREADY GRADED A+

ACAS Training and Best Practice
Review EXAM WITH MULTIPLE,
CORRECTLY ANSWERED QUESTIONS
ALREADY GRADED A+
A vulnerability will be marked as mitigated in the Tenable.sc repository if a subsequent
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




scan determines that the vulnerability is no longer present on the endpoint.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Select the correct answer. 7q 7q 7q




a. True
b. False - ANSWERa 7q 7q




7q Select the best answer. 7q 7q 7q




a. Active Scan View 7q 7q




b. Vulnerability Summary 7q




c. IP Summary 7q




d. Remediation Summary - ANSWERc 7q 7q 7q




Nessus Agents are lightweight Nessus scanners installed on the endpoint, according to the
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




ACAS Agent Rapid Deployment Guide.
7q 7q 7q 7q 7q




Select the best answer. 7q 7q 7q




a. True
b. False - ANSWERa 7q 7q




Per the Best Practices Guide, which of the following statements are true? Select
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




the correct answer(s).
7q 7q 7q




a. The TASKORD defines several target types on which Nessus Agents are required to be
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




installed.
7q




b. Nessus Agents can be installed on addition endpoints above TASKORD requirement.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




c. Per the TASKORD organizations endpoints which leverage a Nessus Agents must
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




also be scanned with the Nessus active scanner using ACAS Best Practice Guide
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Agent Differential scan policy.
7q 7q 7q 7q




d. If you use Nessus Agents, then you don't need any other scanning tools for ACAS.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




e. All the above - ANSWERa b c
7q 7q 7q 7q 7q 7q




Nessus Agent and Manager use the same software.
7q 7q 7q 7q 7q 7q 7q

,Select the correct answer. 7q 7q 7q




a. True
b. False - ANSWERb 7q 7q




Per the Best Practices Guide, which of these statements is true. Select
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




7q the correct answers.
7q 7q




a. ACAS TASKORD 20-0020 FRAGO 3 clarifies that only DISA STIG Tenable Audit
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




files are to be used for configuration scanning in ACAS.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




b. DISA SCAP-compliant, automated benchmarks are still acceptable for ingest into
7q 7q 7q 7q 7q 7q 7q 7q 7q




CMRS.
7q




c. Audit files are proprietary formatted XML files that define how ACAS should check for
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




configuration with a specified benchmark.
7q 7q 7q 7q 7q




d. Tenable distributes audit files via the the Tenable.sc Feed that is used to update
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Tenable.sc
7q




e. None of the above - ANSWERa c d 7q 7q 7q 7q 7q 7q 7q




It has been 20 days since your last configuration (STIG) scan. Per FRAGO 2 of the Task
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Order 20-0020, which of the following statements reflects your current compliance status?
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Select the best answer. 7q 7q 7q




In compliance because configuration scans are only required every 30 days. In
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




compliance because vulnerability scans are only required every 21 days. Out
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




of compliance because configuration scans are required every 14 days. Out of
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




compliance because vulnerability scans are required every single day. -
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




ANSWERa
7q




Choose the Tenable.sc Severity Level that corresponds to the Configuration result.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Tenable re-used severity levels for configuration results.
7q 7q 7q 7q 7q 7q 7q




a. Critical
b. High
c. Medium
d. Info - ANSWERa. Not used with configuration
7q 7q 7q 7q 7q 7q




b. Failed configuration check 7q 7q




c. Unable to Determine/Error 7q 7q




d. Passed configuration check 7q 7q




Per the ACAS Best Practices Guide, which of the following Tenable.sc resources are
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




proprietary formatted XML files that define how ACAS should check for configuration
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




with a specified STIG?
7q 7q 7q 7q

, Select the best answer: 7q 7q 7q




a. Credentials
b. Queries
c. Policies
d. Audit Files - ANSWERd 7q 7q 7q




The Tenable Nessus vulnerability scanner allows you to perform compliance audits of
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




numerous platforms including (but not limited to) databases, Cisco, Unix, and Windows
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




configurations as well as sensitive data discovery based on regex contained in audit files.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Audit files are XML-based text files that contain the specific configuration, file
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




permission, and access control tests to be performed.
7q 7q 7q 7q 7q 7q 7q 7q




Log intoTenableSecurity Center viatheuser interface. Click
7q 7q 7
q 7
q 7q 7q 7
q 7q 7q 7q




Scans > Audit Files.
7q 7q 7q 7q




The Audit Files page appears.
7q 7q 7q 7q




Scan zone -ANSWERScan zones areareasof your network that youwanttotarget in an active
7q 7q 7q 7q 7q 7q 7
q 7q 7q 7q 7q 7q 7
q 7q 7q 7q 7q




scan
7q




AssociatesanIP address or range of IP addresses withone or more scanners 7
q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




Youmust create scan zones in order to run active scans in Tenable Security Center.
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




CVSS vs.VPR -ANSWERCVSS is theoverall score assigned toa vulnerability. CVE is
7q 7
q 7q 7q 7q 7q 7q 7q 7q 7q 7
q 7q 7q 7q




simply a list of all publicly disclosed vulnerabilities that includes the CVE ID, a
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




description, dates, and comments. The CVSS score is not reported in the CVE listing - you
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




must use the NVD to find assigned CVSS scores.
7q 7q 7q 7q 7q 7q 7q 7q 7q




Tenable calculates a dynamic VPR for most vulnerabilities. The VPR is a dynamic
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




companion to the data provided by the vulnerability's CVSS score, since Tenable
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




updates theVPR to reflect the current threat landscape. VPR values rangefrom 0.1- 10.0, with
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




a higher value representing a higher likelihood of exploit.
7q 7q 7q 7q 7q 7q 7q 7q 7q




Note: When you view these metrics on an analysis page organized by plugin (for
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




example, the Vulnerabilities page), the metrics represent the highest value assigned or
7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q 7q




calculated for a vulnerability associated with the plugin.
7q 7q 7q 7q 7q 7q 7q 7q




Nessus scanners -ANSWERCollectsdata andreportsresults toTenable.sc console CAT II
7q 7q 7
q 7
q 7q 7q 7
q 7q 7q 7q 7q 7q




7q vulnerability weight - ANSWER4 7q 7q 7q




CAT I vulnerability weight - ANSWER10
7q 7q 7q 7q 7q




JFHQ-DODIN Order - ANSWERTASKORD 20-0020 7q 7q 7q 7q