ACAS Exam Questions with 100% Correct Answers | Verified | Updated 2024

The ACAS product suite is - Correct Answer: a commercial-off-the-shelf solution from Tenable Network Security, which can detect known Cyberthreats to Air Force enterprise assets.
Agent-less Scalable Solution Network Discovery Compliance Reporting

Why is ACAS Important? - Correct Answer:
- The only DISA approved Vulnerability Scanning tool
- USCYBERCOM Tasking Order 17-0019 - Assured Compliance Assessment Solution (ACAS) Operational Guidance
- Identifies a wide variety of vulnerabilities for your base
- Identifies computers, servers, printers, switches, routers and IP phones on your base
- Allows for a graphical view of your vulnerabilities for leadership

ACAS Components - Correct Answer:
- ACAS components: Tenable SecurityCenter, Nessus Scanners
- One SecurityCenter per MAJCOM and two Nessus Scanners per site
- Each Nessus Scanner can handle a Maximum of 2500 IPs
- Nessus scanners can be physical or virtual

What is an Organization? - Correct Answer:
- Primary object within SecurityCenter used to group users and assign resources and permissions
- Air Force Organizations are grouped by base location. Ex. Ramstein Organization, Langley Organization

Scan Zones - Correct Answer:
- Defines the IP ranges associated with the scanner along with organizational access
- SecurityCenter allows defined Organizations to be configured with two different scan zone modes: "selectable" and "forced"

Network Address Declaration Form (NAD) - Correct Answer:
- Form filled out by base comm squadrons that lays out all IP addresses within their Communications Circuit System Designator (CCSD)
- Official document for appointment letters for VAT (Vulnerability Assessment Technician)
- NOT Classified Secret when filled out IAW DISA Circular 300-115-3 DISN SIPRNet Security Classification Guide
- Submit via SIPR Remedy ticket assigned to the "AFNET EITSM > CSCS > Vulnerability Assessment" queue
- Minimum once every six months

What is a Repository - Correct Answer: A database of vulnerability data defined by one or more ranges of IP addresses or mobile data types.

SecurityCenter integrates - Correct Answer: repositories of vulnerability data that are shared as needed among users and organizations based on manager-defined assets.

The NOS/COS have created for each base each of the following repositories: - Correct Answer:
- Credentialed Scan Data
- Non-Credentialed Scan Data
- Compliance Scan Data

The blackout window in SecurityCenter - Correct Answer:
- specifies a timeframe where new scans are prohibited from launching
- Prevents remediation or ad-hoc scans from being performed during timeframes when they are not desired, such as production hours
!! Warning - Current running scans are stopped at the beginning of the blackout window period

Blackout windows are set - Correct Answer: using the Organization account at the base by the servicing NOS/COS.

ACAS Limitations - Correct Answer:
- ACAS CANNOT apply patches or alter configuration settings, only reports scan findings
- Too many concurrent tasks can overload/lock database and cease functions
- Nessus scanners require base technicians to troubleshoot and perform regular touch maintenance in correlation with AFLCMC/PMO.
- Number of accounts can impact performance
  2 accounts per site, per network MUST be associated with CAC (2FA)
- Can only scan internal base network.

Monthly Scanning Mission - Correct Answer:
- TASKORD 17-0019 and VM MPTO 00-33A-0019
- The base must conduct monthly vulnerability and audit scans
- All active IP ranges must be scanned, every asset with an IP address in these ranges must be included

Dashboard Components in Asset Lists - Correct Answer: you can use asset lists when creating custom dashboard components

Scanning in Asset Lists - Correct Answer: you can use asset lists to specify the targets to be scanned

Reporting in Asset Lists - Correct Answer: you can report on scan results by asset list

Groups in Asset Lists - Correct Answer: you can define/restrict what IPs a group of users can scan and which scan results they can see

Types of Asset Lists in SecurityCenter - Correct Answer:
- Static IP List - IP addresses to include within the asset list (20 K character limit). One address, CIDR address, or range can be entered per line or can be imported from a saved file
- DNS Name List - Based on the DNS hostnames for the asset list to be based upon. (does not work on the AFNET)
- Dynamic - Defines the rules for creating a dynamic asset list. Hovering over an existing rule will give the ability to add, edit, or delete a group or a rule to the definition

Static IP List - Correct Answer: IP addresses to include within the asset list (20 K character limit). One address, CIDR address, or range can be entered per line or can be imported from a saved file

DNS Name List - Correct Answer: Based on the DNS hostnames for the asset list to be based upon. (does not work on the AFNET)

Dynamic - Correct Answer: Defines the rules for creating a dynamic asset list. Hovering over an existing rule will give the ability to add, edit, or delete a group or a rule to the definition

Asset lists can be - Correct Answer:
- created by manually adding IP addresses, IP address ranges or CIDR blocks
- include or exclude the contents of existing asset lists from the IP addresses you have entered

Scan Scheduling - Correct Answer:
- can make a large scanning job more efficient by having a vulnerability scan begin once its corresponding discovery scan is complete
  Try changing your example vulnerability scan template to be dependent on your discovery scan template
- By utilizing scheduling you can set the scan to start at a specific time or date

Credentials - Correct Answer:
- Reusable objects that facilitate scan target login
- Various types of credentials can be configured for use within scan policies
- Credentials may be shared between users for scanning purposes
- When shared, the other users cannot see a cleartext version of the passwords
  This enables sensitive credential sets to be shared in a more secure manner

SSH Credential - Correct Answer:
- Used on routers, switches, firewalls and any other system that requires SSH
- (password with optional privilege escalation and key-based) - SSH credentials are used to obtain local information from remote Unix and Cisco IOS systems for patch auditing or compliance checks

SNMP Credential - Correct Answer: Uses a community string (password) no user name

Kerberos Credential - Correct Answer: Uses the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

Database Credential - Correct Answer: Used if scanning a particular database that has its own credentials

Windows Credential - Correct Answer: Nessus has vulnerability checks that can use a Microsoft Windows domain account to find local information from a remote Windows host.

The most effective credentialed scans are - Correct Answer: those with "root" privileges ("enable" privileges for Cisco IOS)

Scans run using "su+sudo" allow users to login - Correct Answer: to the remote host with a non-privileged account and then scan with "sudo" privileges on the remote host. This is important for locations where remote privileged login is prohibited.

Non-Credentialed Scan - Correct Answer:
- (Network Scanning) Determines the availability of network services and obtains information by examining the response from the target
  May launch additional processes on the target
  No credentials are required

Advantages of network Non-Credentialed scans: - Correct Answer:
- Probes hosts from outside the target using port scanning, service identification and other techniques
- Provides an effective method of scanning hosts that do not allow remote logins, or do not allow SSH, SMB or other login methods from the outside
- Gives the analyst a picture of what is seen from "outside the host"

Some disadvantages of network Non-Credentialed scanning include: - Correct Answer:
- Generate more network traffic
- Runs slower (typically)
- Provides less complete vulnerability information

Credentialed scan (Used for Vulnerability Scan) - Correct Answer:
- Obtains information by authenticating to the host to access resources not available over the network
- Significantly reduces the chance the scan will negatively impact the system
  Uses local checks to obtain system information, making the scan less likely to crash network applications and services
  By leveraging local access, Nessus can typically enumerate all open services using netstat in under a minute

Advantages of credentialed scans: - Correct Answer:
- Uses login credentials to connect to a given host and execute commands on the host to determine potential vulnerabilities
- Gives more complete results
- Runs faster (typically)
- Provides patch analysis

a Discovery Scan Template - Correct Answer:
- Templates allow users to create scan policies based on industry standards
- Scan templates for discovery scans can be downloaded from the DISA patch repository
- Templates require minor configurations such as credentials to use, set repository, and select targets

Plugins are - Correct Answer:
- scripts used by the Nessus scanners to interpret vulnerability data
- For ease of operation, Nessus plugins are managed centrally by SecurityCenter and pushed out to their respective scanners

Three types of Plugins - Correct Answer:
- Active
- Passive
- Event

You can make a large scanning job more efficient - Correct Answer: by having a Vulnerability scan begin once a staggered discovery scan is complete

Do not scan - Correct Answer: more than 2500-5000 (depending upon the number of scanners and hardware configuration) hosts in a single scan job

As the number of hosts in a scan job increases, - Correct Answer: the performance of the scan job decreases

A single large scan job can be - Correct Answer: broken into multiple scheduled jobs

True/False: Asset lists are dynamically or statically generated lists of hosts - Correct Answer: True