Tenable SecurityCenter Credentials and Scanning, Exams of Community Health

This document covers various aspects of Tenable SecurityCenter, including credentials management, network scanning, compliance auditing, and dashboard customization. It provides information on topics such as scan zones, repositories, asset lists, vulnerability management, and user roles and permissions. The document aims to guide users in effectively utilizing the SecurityCenter platform to assess and monitor the security posture of their network infrastructure. It covers a wide range of features and functionalities, making it a comprehensive resource for SecurityCenter administrators and security professionals.

Typology: Exams

2023/2024

Available from 09/25/2024

NurseTakshif

ACAS Review Questions with complete solutions.

Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. - correct answer. Repository and Target List

______ are administrative level usernames and passwords used in authenticated scans? - correct answer. Credentials

True/False: You can associate multiple credentials with a single scan - correct answer. True

Networks using DHCP require what Active Scan setting be enabled to properly track hosts? - correct answer. Track hosts which have been issued new IP addresses

Which type of scan obtains information by authenticating to the host to access resources not available over the network? - correct answer. Credentialed

True/False: You may only select one import repository per scan - correct answer. True

True/False: Once a scan is running, you cannot pause or stop it until it is completed - correct answer. False

Which Port Scanning Range option tells the scanner to scan only common ports? - correct answer. Default

In a low-bandwidth environment, which options might you adjust to try to improve scanning performance? - correct answer. Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan

What is the function of Performance Options in the Scan Policy? - correct answer. Determines the impact of a scan related to scan times and network behavior

You can configure the targets for your Blackout Window to include... - correct answer. All Systems, Assets, IPs, Mixed

Which Scan Policy type allows you to select the Plugin Families you want? - correct answer. Custom Advanced Scan

What is an organization? - correct answer. A group of individuals who are responsible for a set of common assets

What is a scan zone? - correct answer. A defined static range of IP addresses with an associated Nessus scanner

What is the maximum size of a SecurityCenter 5 Repository? - correct answer. 32GB

True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone and the definition of the repository - correct answer. True

What SecurityCenter Role is responsible for setting scan zones? - correct answer. Admin

How can you get your SecurityCenter Plugin updates? - correct answer. Automatically from DISA's plugin server or Manually from the DoD Patch Repository

True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerability, compliance, and configuration data. - correct answer. True

Which options can you consider for scanning stand-alone networks? - correct answer. Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also, you may Detach a Nessus scanner from its SecurityCenter for scanning purposes and then reattach to SecurityCenter to upload scan results

Which page loads by default when you log in to SecurityCenter? - correct answer. Dashboard

Which of the pages show the date and time of the most recent plugin updates? - correct answer. Feeds or Plugins

Which SecurityCenter resources allow you to combine filters to provide customized, saved views of vulnerability scan data? - correct answer. Queries

PVS monitors data at the ____ layer? - correct answer. Packet

All of the following are benefits of PVS except ____;

  1. Network deployment on several different Operating Systems
  2. Monitoring your network between active scans
  3. Identifying vulnerabilities in areas where you cannot actively scan
  4. Eliminating the need for active scans - correct answer. 4. Eliminating the need for active scans

Which of the following statements is true:

  1. PVS is capable of highlighting all interactive and encrypted network sessions
  2. PVS is capable of decrypting encrypted network sessions - correct answer. 1. PVS is capable of highlighting all interactive and encrypted network sessions

True/False: A Passive Vulnerability Scanner is simply a Network Intrusion Detection System (NIDS) - correct answer. False

Which vulnerability filter setting results in viewing only vulnerabilities detected by PVS? - correct answer. Plugin Type = Passive

Systems and devices are compliant when they are ______ - correct answer. In accordance with established guidelines, specifications or legislation.

True/False: Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. - correct answer. True

True/False: Your system can suffer a security breach and still be compliant - correct answer. True

Acceptable audit files for SecurityCenter include... - correct answer. Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (Ingested in .zip format), and SCAP compliant checklists from NIST (.xccdf)

Which SecurityCenter menu option do you use to upload audit files? - correct answer. Scans

In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit? - correct answer. compliance plugins, Audit file, system, or Database credentials.

Which vulnerability severity level indicates a failed compliance item? - correct answer. High

Which SecurityCenter resources define specific configurations for compliance scanning? - correct answer. Audit Files

Which of the following is not a valid SecurityCenter report type?

  1. CSV
  2. HTML
  3. ARF
  4. RTF
  5. ASR
  6. PDF - correct answer. HTML

You've just added a new report using a template. Which option allows you to specify an Asset (List), IP Address, and/or Repository? - correct answer. Focus

Which report tab allows you to customize your report elements? - correct answer. Definition

True/False: You can change the report type of an existing custom report - correct answer. False

Which Distribution option allows you to send report results to a user in a different organization? - correct answer. Email Addresses

True/False: You can add a dashboard from a pre-built dashboard template or create a custom dashboard - correct answer. True

The Dashboard Options button displays which of the following selections?

  1. Add Dashboard
  2. Manage Dashboards
  3. Edit Dashboard
  4. Share Dashboard
  5. All of the Above - correct answer. All of the Above

Which of the following types of information can you display on your Dashboard in SecurityCenter?

  1. Compliance Data
  2. Vulnerability Data
  3. Trends
  4. Organizational Structure
  5. All of the Above - correct answer. All of the Above

What new functionality was added in SecurityCenter 5 under the Dashboard menu? - correct answer. Assurance Report Cards

All of these are examples of Dashboard components except which one?

  1. Multiple Nessus scanner in the network will speed up the scanning
  2. Each Nessus scanner must have Port 8834 (Both directions) open between Nessus and Security Center - correct answer. 2. You must have at least 2 Nessus scanners behind the Firewall

True/False: SecurityCenter must be able to connect to each Nessus scanner in your network on a distinct IP address - correct answer. True

Which statement about Nessus scanner is correct?

  1. Scan Zones are dynamic ranges of IP addresses that can be scanned by one or more Nessus scanners
  2. Scan Zones are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  3. The same Nessus scanner should not be in multiple Scan Zones
  4. There must be only one scanner in each Scan Zone in order for SecurityCenter to perform scans - correct answer. 2. Scan Zones are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  5. The same Nessus scanner should not be in multiple Scan Zones

You're adding a Scan Zone for a new block of IP addresses. What are the fields on the Add Scan Zone page? - correct answer. Name, Ranges, and Scanners

Which SecurityCenter user role creates Scan Zones? - correct answer. Admin

Repositories are proprietary data files residing on the SecurityCenter that store ____? - correct answer. Scan data

A repository is defined by ______? Select all that apply

  1. Scan Policy
  2. IP Address range
  3. MDM Data Type
  4. Vulnerability type
  5. Query Range - correct answer. IP Address Range and MDM Data Type

True/False: Any user can create a new repository - correct answer. False

True/False: Multiple organizations can have access to the same repository - correct answer. True

You can use multiple repositories to:

  1. Restrict access to data based on organizational needs
  2. Improve reporting time with smaller data sets
  3. Separate compliance and vulnerability data
  4. Resolve technical issues for non-standard network configurations
  5. All of the above - correct answer. 5. All of the Above

What is the purpose of a remote repository? - correct answer. Replicating another SecurityCenter's repository data

Which IP address(es) are acceptable when creating a repository in SecurityCenter? - correct answer. Any of the following: A single IP address, A range of IP addresses, An address CIDR block, or A comma-delimited combination

Local repositories can contain which of the following types of data?

  1. IPv
  2. Boolean
  3. IPv
  4. Mobile - correct answer. 1. IPv
  5. IPv
  6. Mobile

True/False: You can combine IPv4 and IPv6 data in the same repository. - correct answer. False

What are "Roles" - correct answer. Define what a user can do

What are "Groups" - correct answer. Combine access rights to objects within an organization for quick assignment to one or more users.

What are "Users" - correct answer. Are individual SecurityCenter Accounts

When creating a custom role, what are the Scanning Permissions that you can assign? - correct answer. Create Scans and Create plugin scans

Which of the following roles is NOT a predefined SecurityCenter role?

  1. Admin
  2. Security Manager
  3. Security Analyst
  4. Information Assurance Manager
  5. Executive
  6. Credential Manager
  7. Auditor
  8. No Role - correct answer. 4. Information Assurance Manager

Which of the following groups is defined for each organization by default?

  1. All access
  2. Single access
  3. Full access
  4. Super User - correct answer. 3. Full access

When you create a group, select all of the objects that you could share to the group.

  1. Assets