ACAS Study Questions and Correct Answers Rated A+

The central console that provides continuous asset-based security and compliance monitoring is ____________. - T The tool that probes hosts and does active vulnerability and compliance scanning is ______________________ - Nessus Active Vulnerability Scanner The tool that can manage scan data, run scans and pull in data from various Nessus Agent is the ________________. - Nessus Manager The Passive Scanner that detects vulnerabilities by sniffing network traffic is the __________________________________________. - Nessus Network Monitor What is ACAS? - ACAS is a network-based security compliance and assessment capability designed to provide awareness of the security posture and network health of DoD networks What is the task order for the implementation of enterprise use of ACAS? - 20-0020 T/F A vulnerability is a weakness of attack that can compromise your system - FALSE A vulnerability is not an attack, it is a weakness T/F The Nessus scanner monitors data at rest, while the NNM monitors data in motion - TRUE A lightweight program installed on the host that gives you visibility into other IT assets that connect intermittently to the internet - A Nessus Agent Which page loads by default when you log into T? - Dashboard Which of the following pages displays the update schedule for updating the active and passive plugins on security manager's interface? - Feeds Which page allows you to set your local time zone? - Profile What can you do on the plugins page of T? - Search for specific plugins, view plugin details and source and upload custom plugins A group of users responsible for a specific number of assets is an _______________. - Organization A defined static range of IP addresses with an associated Nessus scanner is called a _____________________. - Scan Zone A set of proprietary data files that stores scan results and resides on the T is known as a _____________________. - Repository A script file used to collect and interpret vulnerability, compliance and configuration is a ____________. - Plugin What is the maximum size of a T repository? - 32 GB T/F The IP address you are scanning must be contained in both the definition of the scan zone and the definition of the repository - True What T role is responsible for setting up scan zones? - Administrator Per the ACAS contract, how can you get your T plugin updates? - Automatically from DISA's plugin server or manually form the DoD patch repository According to the ACAS contract, what are the three allowable options for scanning stand alone networks? - 1) Install both Nessus and Tenable on a Lunix system using the ACAS kickstart 2) Configure a windows OS with VM software, installing both Tenable and Nessus on the virtual machines 3) Detach the Nessus system from Tenable and place it in the isolated enclave for scanning. Once Scanning is complete, reattach Nessus to the tenable and manually upload scan results Components of an actve vulnerability scan consist of: a scan policy, schedule, credentials, scan zone, import repo and ________________. - Targets ____________ are administrative-level usernames and passwords (or SSH keypairs) used in authenticated scans? - Credentials Networks using dynamic host configuration protocol (SHCP) require that this active scan setting be enabled to properly track hosts. - Track hosts which have been issued new IP addresses Which type of scan is able to run local checks? - Credentialed T/F You may only select one import repository per scan - TRUE T/F Once an active scan is running, you can't pause or stop it - FALSE -Scans can be paused easily through the T user interface