Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

ACAS Exam Review Questions with 100% Correct Answers | Verified | Updated 2024, Exams of Advanced Education

ACAS Exam Review Questions with 100% Correct Answers | Verified | Updated 2024 Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. - Correct Answer-Repository and Target List ______ are administrative level usernames and passwords used in authenticated scans? - Correct Answer-Credentials True/False: You can associate multiple credentials with a single scan - Correct Answer-True Networks using DHCP require what Active Scan setting be enabled to properly track hosts - Correct Answer-Track hosts which have been issued new IP addresses Which type of scan obtains information by authenticating to the host access resources not available over the network - Correct Answer-Credentialed True/False: You may only select one import repository per scan - Correct Answer-True True/False: Once a scan is running, you cannot pause or stop it until it is completed - Correct Answer-False

Typology: Exams

2023/2024

Available from 07/18/2024

professoraxel
professoraxel 🇺🇸

3.7

(28)

10K documents

1 / 9

Toggle sidebar

Related documents


Partial preview of the text

Download ACAS Exam Review Questions with 100% Correct Answers | Verified | Updated 2024 and more Exams Advanced Education in PDF only on Docsity!

ACAS Exam Review Questions with

100% Correct Answers | Verified |

Updated 2024

Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. - Correct Answer-Repository and Target List ______ are administrative level usernames and passwords used in authenticated scans? - Correct Answer-Credentials True/False: You can associate multiple credentials with a single scan - Correct Answer- True Networks using DHCP require what Active Scan setting be enabled to properly track hosts - Correct Answer-Track hosts which have been issued new IP addresses Which type of scan obtains information by authenticating to the host access resources not available over the network - Correct Answer-Credentialed True/False: You may only select one import repository per scan - Correct Answer-True True/False: Once a scan is running, you cannot pause or stop it until it is completed - Correct Answer-False Which Port Scanning Range option tells the scanner to scan only common ports? - Correct Answer-Default In a low-bandwidth environment, which options might you adjust to try to improve scanning performance? - Correct Answer-Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan What is the function of Performance Options in the Scan Policy? - Correct Answer- Determines the impact of a scan related to scan times and network behavior You can configures the targets for you Blackout Window to include... - Correct Answer- All Systems, Assets, IPs, Mixed Which Scan Policy types allows you to select Plugin Families you want? - Correct Answer-Custom Advanced Scan What is an organization? - Correct Answer-A group of individuals who are responsible for a set of common assets

What is a scan zone? - Correct Answer-A defined static range of IP addresses with an associated Nessus scanner What is the maximum size of a SecurityCenter 5 Repository? - Correct Answer-32GB True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone and the definition of the repository - Correct Answer-True What SecurityCenter Role is responsible for setting scan zones? - Correct Answer- Admin How can you get your SecurityCenter Plugin updates? - Correct Answer-Automatically from DISA's plugin server or Manually from the DoD Patch Repository True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. - Correct Answer-True Which options can you consider for scanning stand-alone networks. - Correct Answer- Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload scan results Which page loads by default when you log in to SecurityCenter? - Correct Answer- Dashboard Which of the pages show the date and time of the most recent plugin updates? - Correct Answer-Feeds or Plugins Which page allows you to set your local time zone - Correct Answer-Profile True/False: Asset lists are dynamically or statically generated lists of hosts - Correct Answer-True Which type of asset list updates automatically when a scan runs and a repository is updated? - Correct Answer-Dynamic What is a static asset list? - Correct Answer-A list of IP addresses that require user intervention in order to change what defines them What two ways can you use to add a dynamic asset list? - Correct Answer-Use a template or create a set of rules When you create a dynamic asset list, what occurs? - Correct Answer-SecurityCenter queries the repository to find assets that match the dynamic asset list's rules

True/False: Users in different groups using the same shared asset list could see different IP addresses in the list - Correct Answer-True What two areas in Security Center allow you to analyze scan results? - Correct Answer- The Scan Results page and The Vulnerabilities page True/False: SecurityCenter displays vulnerability data at varying levels and views ranging from the highest level summary down to a detailed vulnerability list. - Correct Answer-True What vulnerabilities are stored in SecurityCenter's Cumulative database - Correct Answer-Current vulnerabilities, including those that have been recast, accepted, or mitigated and found vulnerable on rescan. Which analysis tool provides a list of vulnerabilities that relate to DoD Information Assurance Vulnerability Alerts and Bulletins? - Correct Answer-IAVM Summary Vulnerability filters are available to search on what categories - Correct Answer- Vulnerability Information, Targets, ID Numbers, and Dates Frequently used ______ can be saved as ______ for use in analysis, dashboards, reports, tickets, and alerts. - Correct Answer-Filters, Queries Vulnerability results can be exported to a comma-separated file by clicking on ____. - Correct Answer-Options > Export as CSV Which of the following allows you to set an expiration date? - Correct Answer-Accepted Risk Which SecurityCenter resources allow you to combine filters to provide to provide customized, saved views of vulnerability scan data? - Correct Answer-Queries PVS monitors data at the ____ layer? - Correct Answer-Packet All of the following are benefits of PVS except ____;

  1. Network deployment on several different Operating Systems
  2. Monitoring your network between active scans
  3. Identifying vulnerabilities in areas where you cannot actively scan
  4. Eliminating the need for active scans - Correct Answer-4. Eliminating the need for active scans Which of the following statements is true:
  5. PVS is capable of highlighting all interactive and encrypted network sessions
  6. PVS is capable of decrypting encrypted network sessions - Correct Answer-1. PVS is capable of highlighting all interactive and encrypted network sessions

True/False: A Passive Vulnerability Scanner is simply a Network Intrusions Detection System (NIDS) - Correct Answer-False Which vulnerability filter settings results in viewing only vulnerabilities detected by PVS - Correct Answer-Plugin Type = Passive Systems and devices are compliant when they are ______ - Correct Answer-In accordance with established guidelines, specifications or legislation. True/False: Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. - Correct Answer-True True/False: You system can suffer a security breach and still be compliant - Correct Answer-True Acceptable audit files for SecurityCenter include... - Correct Answer-Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (Ingested in .zip format), and SCAP compliant checklists from NIST (.xccdf) Which SecurityCenter menu option do you use to upload audit files? - Correct Answer- Scans In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit. - Correct Answer-compliance plugins, Audit file, system, or Database credentials. Which vulnerability severity level indicates a failed compliance item? - Correct Answer- High Which SecurityCenter resources define specific configurations for compliance scanning? - Correct Answer-Audit Files Which of the following is not a valid SecurityCenter report type?

  1. CSV
  2. HTML
  3. ARF
  4. RTF
  5. ASR
  6. PDF - Correct Answer-HTML You've just added a new report using a template. Which option allows you to specify an Asset (List), IP Address, and/or Repository? - Correct Answer-Focus

Which report tab allows you to customize your report elements? - Correct Answer- Definition True/False: You can change the report type of an existing custom report - Correct Answer-False Which Distribution option allows you to send report results to a user in a different organization? - Correct Answer-Email Addresses True/False: You can add a dashboard from a pre-built dashboard template or create a custom dashboard - Correct Answer-True The Dashboard Options button displays which of the following selections?

  1. Add Dashboard
  2. Manage Dashboards
  3. Edit Dashboard
  4. Share Dashboard
  5. All of the Above - Correct Answer-All of the Above Which of the following types of information can you display on your Dashboard in SecurityCenter?
  6. Compliance Data
  7. Vulnerability Data
  8. Trends
  9. Organizational Structure
  10. All of the Above - Correct Answer-All of the Above What new functionality was added in SecurityCenter 5 under the Dashboard menu? - Correct Answer-Assurance Report Cards All of these are examples of Dashboard components except which one?
  11. Table
  12. Pie Chart
  13. Matrix
  14. XY Axis Graph - Correct Answer-XY Axis Graph True/False: You can only add Dashboard components for the existing queries you have set up in the Analysis menu - Correct Answer-False You've just added a new dashboard using a template, which field option allows you to specify the Asset, IP Address, and Repository? - Correct Answer-Focus Clicking the Pushpin icon next to a dashboard name on the Manage Dashboards page will do which of the following?
  15. Share the Dashboard
  16. Copy the Dashboard
  1. Make the dashboard active/inactive
  2. Export the Dashboard - Correct Answer-Make the Dashboard active/inactive SecurityCenter organizations are _______ that have responsibilities for ______. - Correct Answer-Groups of Individuals; A set of common assets Which SecurityCenter user role resides at the top of an organization hierarchy? - Correct Answer-Security Manager True/False: Each SecurityCenter will contain only one Administrator, one Organization, and one Security Manager - Correct Answer-False What are the options in the Scanning Distribution Method field on the Organization Setup Page - Correct Answer-Automatic Distribution Only, Locked Zone, Selectable Zones True/False: SecurityCenter supports an unlimited number of objects. User, Scan Zones, Repositories, Organizations, and Asset Lists. - Correct Answer-False True/False: Security Managers have the ability to assign role and responsibilities for assets for all organizations within the SecurityCenter - Correct Answer-False Which SecurityCenter user role creates organizations? - Correct Answer-Admin When SecurityCenter initiates a scan of a given IP address, _____ - Correct Answer-It determines what zone the IP address is in and notifies the appropriate scanner Which statement about Nessus scanners is NOT correct?
  3. Every scanning target on your network must have at least one Nessus scanner that connect to that system bi an unrestricted (not firewalled) connection
  4. You must have at least 2 Nessus scanners behind the firewall
  5. Multiple Nessus scanner in the network will speed up the scanning
  6. Each Nessus scanner must have Port 8834 (Both directions) open between Nessus and Security Center - Correct Answer-2. You must have at least 2 Nessus scanners behind the Firewall True/False: SecurityCeter must be able to connect to each Nessus scanner in you network on a distinct IP address - Correct Answer-True Which statement about Nessus scanner is correct?
  7. Scan Zone are dynamic ranges of IP addresses that can be scanned by one or more Nessus scanners
  8. Scan Zone are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  9. The same Nessus scanner should not be in multiple Scan Zones
  1. There must be only one scanner in each Scan Zone in order for SecurityCenter to perform scans - Correct Answer-2. Scan Zones are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  2. The same Nessus scanner should not be in multiple Scan Zones You're adding a Scan Zone for a new block of IP addresses. What are the fields on the Add Scan Zone page? - Correct Answer-Name, Ranges, and Scanners Which SecurityCenter user role creates Scan Zones? - Correct Answer-Admin Repositories are proprietary data files residing on the SecurityCenter that store ____? - Correct Answer-Scan data A repository is defined by ______? Select all that apply
  3. Scan Policy
  4. IP Address range
  5. MDM Data Type
  6. Vulnerability type
  7. Query Range - Correct Answer-IP Address Range and MDM Data Type True/False: Any user can create a new repository - Correct Answer-False True/False: Multiple organizations can have access to the same repository - Correct Answer-True You can use multiple repositories to:
  8. Restrict access to data based on organizational needs
  9. Improve reporting time with smaller data sets
  10. Separate compliance and vulnerability data
  11. Resolve technical issues for non-standards network configurations
  12. All of the above - Correct Answer-5. All of the Above What is the purpose of a remote repository? - Correct Answer-Replicating another SecurityCenter's repository data Which IP address(es) are acceptable when creating a repository in SecurityCenter? - Correct Answer-Any of the following: A single IP address, A range of IP addresses, An address CIDR block, or A comma-delimited combination Local repositories can contain which of the following types of data?
  13. IPv
  14. Boolean
  15. IPv
  16. Mobile - Correct Answer-1. IPv
  17. IPv
  18. Mobile

True/False: You can combine IPv4 and IPv6 data in the same repository. - Correct Answer-False What are "Roles" - Correct Answer-Define what a user can do What are "Groups" - Correct Answer-Combine access rights to objects within an organization for quick assignment to one or more users. What are "Users" - Correct Answer-Are individual SecurityCenter Accounts When creating a custom role, what are the Scanning Permissions that you can assign?

  • Correct Answer-Create Scans and Create plugin scans Which of the following roles is NOT a predefined SecurityCenter role?
  1. Admin
  2. Security Manager
  3. Security Analyst
  4. Information Assurance Manager
  5. Executive
  6. Credential Manager
  7. Auditor
  8. No Role - Correct Answer-4. Information Assurance Manager Which of the following groups is defined for each organization by default?
  9. All access
  10. Single access
  11. Full access
  12. Super User - Correct Answer-3. Full access When you create a group, select all of the objects that you could share to the group.
  13. Assets
  14. Assurance Report Cards
  15. Credentials
  16. Other User Accounts - Correct Answer-Assets, Assurance Report Cards, and Credentials You are adding a new user. Which of the following access settings apply to that user definition?
  17. Repositories
  18. Asset Responsibility
  19. Role
  20. Group
  21. Manage Objects - Correct Answer-Asset Responsibility, Role, Group, and Manage Objects

Where do you grant the ability to manage other users and their objects? - Correct Answer-In the Users > User Definition Which of the following are available through SecurityCenter's Workflow functionality?

  1. Vulnerabilities and queries
  2. Scans and reports
  3. Alerts and tickets
  4. Vulnerabilities and alerts - Correct Answer-Alerts and tickets You can configure SecurityCenter to perform alerts based on what condition types? _________, ________, or _________ - Correct Answer-Vulnerability, Event, or Ticket Occurrences The trigger options for setting a SecurityCenter alert are IP count, Vulnerability/Event count, and _____ count. - Correct Answer-Port What alert function defines what an alert does after it has been triggered? - Correct Answer-Add actions Which of the following is NOT a potential action when defining an alert?
  5. Send Email
  6. Notify Users
  7. Create Scan Policies
  8. Assign Ticket
  9. Launch Scan
  10. Generate Syslog - Correct Answer-3. Create Scan Policies True/False: Tickets can be automatically generated from an alert or manually created. - Correct Answer-True