What is ACAS? - ANSWER ACAS is a network-based security compliance and
assessment capability
designed to provide awareness of the security posture and network health of
DoD networks.
Which of the following best describes the SecurityCenter? - ANSWER The central
console that provides continuous asset-based security and
compliance monitoring
A vulnerability is a weakness or an attack that can compromise your system. -
ANSWER False (a vulnerability does not include an attack)
The Nessus scanner monitors data at rest, while the PVS monitors data in motion. -
ANSWER True
PVS detects vulnerabilities based on network traffic instead of actively scanning
hosts. - ANSWER True
Which ACAS component performs active vulnerability and compliance scanning? -
ANSWER Nessus
CMRS is a tool to provide DoD component- and enterprise-level situational
awareness by quantitatively displaying an organization's security posture. -
ANSWER True
Select the Task Order for the Implementation of Assured Compliance Assessment
Solution (ACAS) for the Enterprise: - ANSWER 13-670
Which page loads by default when you log in to SecurityCenter? Select the best
answer. - ANSWER Dashboard
Which of the following pages show the date and time of the most recent plugin
updates? - ANSWER Plugins, Feeds
Which page allows you to set your local time zone? - ANSWER Profile
What is an organization? - ANSWER A group of individuals who are responsible for
a set of common assets
What is a scan zone? - ANSWER A defined static range of IP addresses with an
associated Nessus scanner(s)
What is the maximum size of a SecurityCenter 5 Repository? - ANSWER 32 GB
The IP address(es) you are scanning must be contained in both the definition of the
scan zone and the definition of the repository. - ANSWER True
, What SecurityCenter role is responsible for setting up scan zones? - ANSWER
Administrator
How can you get your SecurityCenter plugin updates? - ANSWER Automatically,
from DISA's plugin server, Manually from the DoD Patch Repository
The SecurityCenter Plugins menu displays a list of script files used by Nessus and
PVS scanners to collect and interpret vulnerability, compliance, and configuration
data. - ANSWER True
Which of the following are options you can consider for scanning stand-alone
networks? - ANSWER Install both Nessus and SecurityCenter on a Linux Laptop
using Kickstart, Install both Nessus and SecurityCenter in virtual machines on a
Windows 7 laptop, Detach a Nessus scanner from its SecurityCenter for scanning
purposes and then reattach to SecurityCenter to upload scan results
Components of an Active Vulnerability Scan consist of: a policy, credentials, scan
zone, schedule, _________, and __________. - ANSWER Repository, Target list
_________ are administrative-level usernames and passwords (or SSH keypairs)
used in authenticated scans? - ANSWER Credentials
You can associate multiple credentials with a single scan. - ANSWER True
Networks using Dynamic Host Configuration Protocol (DHCP) require that this Active
Scan setting be enabled to properly track hosts. - ANSWER Track hosts which have
been issued IP addresses
Which type of scan obtains information by authenticating to the host to access
resources not available over the network. - ANSWER Credentialed
You may only select one import repository per scan. - ANSWER True
Once a scan is running, you cannot pause or stop the scan until it has completed
running. - ANSWER False
Which Port Scanning Range option tells the scanner to scan only common ports? -
ANSWER default (of 4605 common ports)
In a low-bandwidth environment, which of the following options might you adjust to
try to improve scanning performance? - ANSWER Max Simultaneous Checks Per
Host, Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy? - ANSWER
Determines the impact of a scan related to scan times and network behavior
You can configure the targets for your Blackout Window to include which of the
following? - ANSWER All Systems, Assets, IPs, Mixed
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller leonardmuriithi061. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.89. You're not tied to anything after your purchase.