































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The securitycenter user guide is a comprehensive document that provides detailed information on the features and functionalities of the securitycenter platform. It covers a wide range of topics, including the security center tool, cmrs, scan policies, asset lists, compliance scanning, dashboards, user roles and permissions, and remote repositories. The guide is designed to help users understand how to effectively utilize the securitycenter platform to manage their organization's security posture, identify vulnerabilities, and ensure compliance with various security standards and regulations. Likely to be useful for university students, particularly those studying cybersecurity, information security, or related fields, as it provides a detailed overview of a widely used security management tool.
Typology: Exams
1 / 39
This page cannot be seen from the preview
Don't miss anything!
































What is ACAS? Select the best answer. A. ACAS is a network-based security compliance and assessment capability designed to provide awareness of the security posture and network health of DoD networks. B. ACAS is a system that ensures security for the DoD networks. C. ACAS is a system that monitors and corrects vulnerabilities to provide security for the DoD networks. D. All of the above **** Module 1-1 **** - Answer: A Which of the following best describes the Security Center? Select the best answer. A. A topology viewer that provides graphical analysis information
B. The passive scanner that detects vulnerabilities by sniffing network traffic C. The active scanner that probes hosts D. The central console that provides continuous asset-based security and compliance monitoring **** Module 1-1 **** - Answer: D True/False A vulnerability is a weakness or an attack that can compromise your system. **** Module 1-1 **** - Answer: False True/False The Nessus scanner monitors data at rest, while the PVS monitors data in motion. **** Module 1-1 **** - Answer: True True/False PVS detects vulnerabilities based on network traffic instead of actively scanning hosts. **** Module 1-1 **** - Answer: True Which ACAS component performs active vulnerability and compliance scanning? Select the best answer. A. 3D Tool
C. Reporting D. Scanning **** Module 1-2 **** - Answer: A Which of the following pages show the date and time of the most recent plugin updates? Select all that apply. A. Alerts B. Plugins C. Preferences D. System Status E. Feeds **** Module 1-2 **** - Answer: B, E Which page allows you to set your local time zone? Select the best answer. A. Dashboard B. Feeds C. Profile D. Workflow **** Module 1-2 **** - Answer: C
What is an organization? Select the best answer. A. A database of vulnerability data defined by assets or IP addresses B. A group of individuals who are responsible for a set of common assets C. A defined static range of IP addresses with an associated Nessus scanner(s) D. A script file used to collect and interpret vulnerability, compliance, and configuration data **** Module 1-3 **** - Answer: B What is a scan zone? Select the best answer. A. A database of vulnerability data defined by assets or IP addresses B. A group of individuals who are responsible for a set of common assets C. A defined static range of IP addresses with an associated Nessus scanner(s) D. A script files used to collect and interpret vulnerability, compliance, and configuration data **** Module 1-3 **** - Answer: C What is the maximum size of a SecurityCenter 5 Repository? Select the best answer. A. 2 GB B. 4 GB C. 16 GB
True/False The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. **** Module 1-3 **** - Answer: True Which of the following are options you can consider for scanning stand-alone networks? Select all that apply. A. Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart B. Install both Nessus and SecurityCenter in virtual machines on a Windows 7 laptop C. Detach a Nessus scanner from its SecurityCenter for scanning purposes and then reattach to SecurityCenter to upload scan results D. Use Nessus alone, without a SecurityCenter E. There are no approved stand-alone scanning options **** Module 1-3 **** - Answer: A, B, C Components of an Active Vulnerability Scan consist of: a policy, credentials, scan zone, schedule, _________, and __________. Select all that apply. A. User role B. Query C. Repository
D. Target list **** Module 1-4 **** - Answer: C, D _________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated scans? Select the best answer. A. Audit Files B. Scan Policies C. Credentials D. Asset Lists **** Module 1-4 **** - Answer: C True/False You can associate multiple credentials with a single scan. **** Module 1-4 **** - Answer: True Networks using Dynamic Host Configuration Protocol (DHCP) require that this Active Scan setting be enabled to properly track hosts. Select the best answer. A. Remove vulnerabilities from scanned hosts that have been inactive for (X days) B. Track hosts which have been issued IP addresses C. Scanning Virtual Hosts D. Rollover Option
D. common **** Module 1-4 **** - Answer: C In a low-bandwidth environment, which of the following options might you adjust to try to improve scanning performance? Select all that apply. A. Safe checks B. Silent Dependencies C. Max Simultaneous Checks Per Host D. Max Simultaneous Hosts Per Scan **** Module 1-4 **** - Answer: C, D What is the function of Performance Options in the Scan Policy? Select the best answer. A. Determines the impact of a scan related to scan times and network behavior B. Determines how a scan will behave C. Describes how a scan will be shared across organizations D. Sets the port range of a scan **** Module 1-4 **** - Answer: A You can configure the targets for your Blackout Window to include which of the following? Select all that apply. A. All Systems
B. Assets C. IPs D. Mixed E. FQDN **** Module 1-4 **** - Answer: A, B, C, D Which of the following Scan Policy types allows you to select Plugin Families you want? Select the best answer. A. Basic Network Scan Template B. Custom Advanced Scan C. Host Discovery Template D. Credentialed Patch Audit Template **** Module 1-4 **** - Answer: B True/False Asset lists are dynamically or statically generated lists of hosts. **** Module 1-5 **** - Answer: True Which type of asset list updates automatically when a scan runs and a repository is updated? Select the best answer. A. Static
When you create dynamic asset list(s), which of the following occurs? Select the best answer. A. SecurityCenter runs a scan to find assets that match the dynamic asset list's rules. B. SecurityCenter queries the repository(ies) to find assets that match the dynamic asset list's rules. **** Module 1-5 **** - Answer: B True/False Users in different groups using the same shared asset list could see different IP addresses in the list. **** Module 1-5 **** - Answer: True What two areas in SecurityCenter allow you to analyze scan results? Select all that apply. A. The Scan Results page B. The Plugins page C. The Vulnerabilities page D. The Scan Policies page **** Module 2-1 **** - Answer: A, C True/False
SecurityCenter displays vulnerability data at varying levels and views ranging from the highest level summary down to a detailed vulnerability list. **** Module 2-1 **** - Answer: True What vulnerabilities are stored in SecurityCenter's Cumulative database? Select the best answer. A. Vulnerabilities discovered from the most recent scan B. Current vulnerabilities, including those that have been recast, accepted, or mitigated and found vulnerable on rescan C. Newly mitigated vulnerabilities D. Vulnerabilities discovered from the current day's scans **** Module 2-1 **** - Answer: B Which analysis tool provides a list of vulnerabilities that relate to DoD Information Assurance Vulnerability Alerts and Bulletins? Select the best answer. A. Asset Summary B. CCE Summary C. CVE Summary D. IAVM Summary E. Vulnerability Summary **** Module 2-1 **** - Answer: D
C. Workflow > Export as CSV D. View Settings E. Open Ticket **** Module 2-1 **** - Answer: B Which of the following allows you to set an expiration date? Select the best answer. A. Recast Risk B. Accept Risk C. Launch Remediation Scan D. Add To Scratch Pad **** Module 2-1 **** - Answer: B Which of the following SecurityCenter resources allows you to combine filters to provide customized, saved views of vulnerability scan data? Select the best answer. A. Credentials B. Queries C. Scan Policies D. Audit files
**** Module 2-1 **** - Answer: B PVS monitors data at the _____ layer? Select the best answer to correctly complete the statement. A. Bit B. Frame C. Packet D. Segment **** Module 2-2 **** - Answer: C All of the following are benefits of PVS, except _____. Select the incorrect statement. A. Network deployment on several different Operating Systems B. Monitoring your network between active scans C. Identifying vulnerabilities in areas where you cannot actively scan D. Eliminating the need for active scans **** Module 2-2 **** - Answer: D Which of the following statements is true? Select the best answer. A. PVS is capable of highlighting all interactive and encrypted network sessions. B. PVS is capable of decrypting encrypted network sessions.
True/False Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. **** Module 2-3 **** - Answer: True True/False Your system can suffer a security breach and still be compliant. **** Module 2-3 **** - Answer: True Acceptable audit files for Security Center include which of the following? Select all that apply. A. Tenable Network Security Templates (SC Feed) B. DISA STIG Automated Benchmarks (ingested in .zip format) C. Retina® Audits D. SCAP compliant checklists from NIST (.xccdf) **** Module 2-3 **** - Answer: A, B, D Which SecurityCenter menu option do you use to upload audit files? Select the best answer. A. Dashboard B. Analysis
C. Scans D. Workflow **** Module 2-3 **** - Answer: C In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit? Select the best answer. A. Scan policy, scan results, compliance filters B. Compliance credentials, Audit file, compliance report C. Compliance plugins, Audit file, system or database credentials D. All of the above **** Module 2-3 **** - Answer: C Which vulnerability severity level indicates a failed compliance item? Select the best answer. A. High B. Low C. Medium D. None of the above **** Module 2-3 **** - Answer: A Which of the following SecurityCenter resources define specific configurations for compliance scanning? Select the best answer.