





Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Various aspects of tenable securitycenter, including credentials management, network scanning, compliance auditing, and dashboard customization. It provides information on topics such as scan zones, repositories, asset lists, vulnerability management, and user roles and permissions. The document aims to guide users in effectively utilizing the securitycenter platform to assess and monitor the security posture of their network infrastructure. It covers a wide range of features and functionalities, making it a comprehensive resource for securitycenter administrators and security professionals.
Typology: Exams
1 / 9
This page cannot be seen from the preview
Don't miss anything!






Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. - correct answer. Repository and Target List
______ are administrative level usernames and passwords used in authenticated scans? - correct answer. Credentials
True/False: You can associate multiple credentials with a single scan - correct answer. True
Networks using DHCP require what Active Scan setting be enabled to properly track hosts - correct answer. Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access resources not available over the network - correct answer. Credentialed
True/False: You may only select one import repository per scan - correct answer. True
True/False: Once a scan is running, you cannot pause or stop it until it is completed - correct answer. False
Which Port Scanning Range option tells the scanner to scan only common ports? - correct answer. Default
In a low-bandwidth environment, which options might you adjust to try to improve scanning performance? - correct answer. Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy? - correct answer. Determines the impact of a scan related to scan times and network behavior
You can configures the targets for you Blackout Window to include... - correct answer. All Systems, Assets, IPs, Mixed
Which Scan Policy types allows you to select Plugin Families you want? - correct answer. Custom Advanced Scan
What is an organization? - correct answer. A group of individuals who are responsible for a set of common assets
What is a scan zone? - correct answer. A defined static range of IP addresses with an associated Nessus scanner
What is the maximum size of a SecurityCenter 5 Repository? - correct answer. 32GB
True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone and the definition of the repository - correct answer. True
What SecurityCenter Role is responsible for setting scan zones? - correct answer. Admin
How can you get your SecurityCenter Plugin updates? - correct answer. Automatically from DISA's plugin server or Manually from the DoD Patch Repository
True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. - correct answer. True
Which options can you consider for scanning stand-alone networks. - correct answer. Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload scan results
Which page loads by default when you log in to SecurityCenter? - correct answer. Dashboard
Which of the pages show the date and time of the most recent plugin updates? - correct answer. Feeds or Plugins
Which SecurityCenter resources allow you to combine filters to provide to provide customized, saved views of vulnerability scan data? - correct answer. Queries
PVS monitors data at the ____ layer? - correct answer. Packet
All of the following are benefits of PVS except ____;
Which of the following statements is true:
True/False: A Passive Vulnerability Scanner is simply a Network Intrusions Detection System (NIDS) - correct answer. False
Which vulnerability filter settings results in viewing only vulnerabilities detected by PVS - correct answer. Plugin Type = Passive
Systems and devices are compliant when they are ______ - correct answer. In accordance with established guidelines, specifications or legislation.
True/False: Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. - correct answer. True
True/False: You system can suffer a security breach and still be compliant - correct answer. True
Acceptable audit files for SecurityCenter include... - correct answer. Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (Ingested in .zip format), and SCAP compliant checklists from NIST (.xccdf)
Which SecurityCenter menu option do you use to upload audit files? - correct answer. Scans
In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit. - correct answer. compliance plugins, Audit file, system, or Database credentials.
Which vulnerability severity level indicates a failed compliance item? - correct answer. High
Which SecurityCenter resources define specific configurations for compliance scanning? - correct answer. Audit Files
Which of the following is not a valid SecurityCenter report type?
You've just added a new report using a template. Which option allows you to specify an Asset (List), IP Address, and/or Repository? - correct answer. Focus
Which report tab allows you to customize your report elements? - correct answer. Definition
True/False: You can change the report type of an existing custom report - correct answer. False
Which Distribution option allows you to send report results to a user in a different organization? - correct answer. Email Addresses
True/False: You can add a dashboard from a pre-built dashboard template or create a custom dashboard - correct answer. True
The Dashboard Options button displays which of the following selections?
Which of the following types of information can you display on your Dashboard in SecurityCenter?
What new functionality was added in SecurityCenter 5 under the Dashboard menu? - correct answer. Assurance Report Cards
All of these are examples of Dashboard components except which one?
True/False: SecurityCeter must be able to connect to each Nessus scanner in you network on a distinct IP address - correct answer. True
Which statement about Nessus scanner is correct?
You're adding a Scan Zone for a new block of IP addresses. What are the fields on the Add Scan Zone page? - correct answer. Name, Ranges, and Scanners
Which SecurityCenter user role creates Scan Zones? - correct answer. Admin
Repositories are proprietary data files residing on the SecurityCenter that store ____? - correct answer. Scan data
A repository is defined by ______? Select all that apply
True/False: Any user can create a new repository - correct answer. False
True/False: Multiple organizations can have access to the same repository - correct answer. True
You can use multiple repositories to:
What is the purpose of a remote repository? - correct answer. Replicating another SecurityCenter's repository data
Which IP address(es) are acceptable when creating a repository in SecurityCenter? - correct answer. Any of the following: A single IP address, A range of IP addresses, An address CIDR block, or A comma-delimited combination
Local repositories can contain which of the following types of data?
True/False: You can combine IPv4 and IPv6 data in the same repository. - correct answer. False
What are "Roles" - correct answer. Define what a user can do
What are "Groups" - correct answer. Combine access rights to objects within an organization for quick assignment to one or more users.
What are "Users" - correct answer. Are individual SecurityCenter Accounts
When creating a custom role, what are the Scanning Permissions that you can assign?
Which of the following roles is NOT a predefined SecurityCenter role?
Which of the following groups is defined for each organization by default?
When you create a group, select all of the objects that you could share to the group.