IOS-CSCS VMO QUESTIONS AND ANSWERS
Lt Col mo ordered that all High Vulnerabilities be patched. How long do you have to
submit an action plan? - Answer -1 month
Lt Col Vmo has ordered that the new web site for 39 IOS Det 2 be scanned.
Which Vulnerabiliy Detection scan will you perform? - Answer -Application Scan
Lt Col mo has ordered that the recent network security posture changes on all Routers
be verified.
Which Vulnerability Scanning will you complete? - Answer -Network Based Scan
Lt Col Vmo has ordered a "deep" dive scan of the new endpoint client systems.
Which scan would allow a thorough check looking for problems that cannot be seen
from the network? - Answer -Host Based Scans
Lt Col Vmo has ordered a "simulated" attack be conducted on the new endpoint client
systems.
Which scan can uncover weaknesses that a potential hacker would spot? - Answer -
Database Scans
Definition of Vulnerability remediation - Answer -Fixing of cybersecurity weaknesses
What does active scan check of online systems? - Answer -Ports/Protocols
What can be disruptive sometimes, having a negative effect on the network, device, or
application being
tested? - Answer -Non-credential
The base CFP are responsible for - Answer -Assisting NOS/COS with remediation
When are Plans of Action & Milestones (POA&Ms) required? - Answer -Dates for
certain orders cannot be met
What is the 3-Tier Prioritization Model, and time association? - Answer -Normal-11
days, Priority-3 days, Emergency-24 hrs
VMOs must validate countermeasures and orders are __________
before implementation? - Answer -Approved
What are the seven (7) countermeasures used for vulnerability remediation? - Answer -
Configure changes, installation of software, removal of software, searching/removing
malicious files, upgrade of applications, reinstall OS's, correction of system
configurations
, What acts as the central console for ACAS? - Answer -Tenable.sc
What is continuously looking for new hosts without requiring the need for active
scanning? - Answer -NMM
What collects data from the LCE clients, and then normalizes that data? - Answer -LCE
Server
What is installed on hosts to monitor and collect events? - Answer -LCE clients
Define term repository - Answer -Folder containing many proprietary data files
What is the repository file size limit? - Answer -32GB
What can have access to the same repository, allowing for shared data? - Answer -
Multiple Organizations
What are the five different types of repositories you can add to Tenable.sc? - Answer -
Remote, Offline, Local (IPv4, IPv6, Mobile)
What are plugins and what language are they written in? - Answer -Nessus Attack
Scripting Language
What are the five (5) categories for plugins that deal with the specific protocol? -
Answer -DNS, FTP, RPC, SMTP, SNMP
What are the required user roles to configure plugin options and must have appropriate
permissions? - Answer -Administrator
List limitations of Nessus Scanner: - Answer -Does not remediate vulnerability, shared
resources among multiple bases, scans can be time consuming, high network
bandwidth, scans for known vulnerabilities, scans require credentials
What is recommended on a small environments (< 2.000 hosts) for ACAS deployment?
- Answer -Deploying 2 or 3 hosts in a day
What requires a separate license or Activation Code for ACAS? - Answer -Tenable,
Nessus Manager, and LCE
List requirements to launch the web interface on a STIG configured web browser: -
Answer -Web browser, URL to trusted sites
When does Tenable.sc save a snapshot of the entire vulnerability archive? - Answer -
What causes Nessus' vulnerability checks, host enumeration, and operating system
identification to be
Lt Col mo ordered that all High Vulnerabilities be patched. How long do you have to
submit an action plan? - Answer -1 month
Lt Col Vmo has ordered that the new web site for 39 IOS Det 2 be scanned.
Which Vulnerabiliy Detection scan will you perform? - Answer -Application Scan
Lt Col mo has ordered that the recent network security posture changes on all Routers
be verified.
Which Vulnerability Scanning will you complete? - Answer -Network Based Scan
Lt Col Vmo has ordered a "deep" dive scan of the new endpoint client systems.
Which scan would allow a thorough check looking for problems that cannot be seen
from the network? - Answer -Host Based Scans
Lt Col Vmo has ordered a "simulated" attack be conducted on the new endpoint client
systems.
Which scan can uncover weaknesses that a potential hacker would spot? - Answer -
Database Scans
Definition of Vulnerability remediation - Answer -Fixing of cybersecurity weaknesses
What does active scan check of online systems? - Answer -Ports/Protocols
What can be disruptive sometimes, having a negative effect on the network, device, or
application being
tested? - Answer -Non-credential
The base CFP are responsible for - Answer -Assisting NOS/COS with remediation
When are Plans of Action & Milestones (POA&Ms) required? - Answer -Dates for
certain orders cannot be met
What is the 3-Tier Prioritization Model, and time association? - Answer -Normal-11
days, Priority-3 days, Emergency-24 hrs
VMOs must validate countermeasures and orders are __________
before implementation? - Answer -Approved
What are the seven (7) countermeasures used for vulnerability remediation? - Answer -
Configure changes, installation of software, removal of software, searching/removing
malicious files, upgrade of applications, reinstall OS's, correction of system
configurations
, What acts as the central console for ACAS? - Answer -Tenable.sc
What is continuously looking for new hosts without requiring the need for active
scanning? - Answer -NMM
What collects data from the LCE clients, and then normalizes that data? - Answer -LCE
Server
What is installed on hosts to monitor and collect events? - Answer -LCE clients
Define term repository - Answer -Folder containing many proprietary data files
What is the repository file size limit? - Answer -32GB
What can have access to the same repository, allowing for shared data? - Answer -
Multiple Organizations
What are the five different types of repositories you can add to Tenable.sc? - Answer -
Remote, Offline, Local (IPv4, IPv6, Mobile)
What are plugins and what language are they written in? - Answer -Nessus Attack
Scripting Language
What are the five (5) categories for plugins that deal with the specific protocol? -
Answer -DNS, FTP, RPC, SMTP, SNMP
What are the required user roles to configure plugin options and must have appropriate
permissions? - Answer -Administrator
List limitations of Nessus Scanner: - Answer -Does not remediate vulnerability, shared
resources among multiple bases, scans can be time consuming, high network
bandwidth, scans for known vulnerabilities, scans require credentials
What is recommended on a small environments (< 2.000 hosts) for ACAS deployment?
- Answer -Deploying 2 or 3 hosts in a day
What requires a separate license or Activation Code for ACAS? - Answer -Tenable,
Nessus Manager, and LCE
List requirements to launch the web interface on a STIG configured web browser: -
Answer -Web browser, URL to trusted sites
When does Tenable.sc save a snapshot of the entire vulnerability archive? - Answer -
What causes Nessus' vulnerability checks, host enumeration, and operating system
identification to be
