ACAS BEST PRACTICE KNOWLEDGE EXAM 3 ALREADY ANSWERED A GRADED

ACAS REVIEW QUESTIONS ALREADY ANSWERED A GRADED Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. - Repository and Target List ______ are administrative level usernames and passwords used in authenticated scans? - Credentials True/False: You can associate multiple credentials with a single scan - True Networks using DHCP require what Active Scan setting be enabled to properly track hosts - Track hosts which have been issued new IP addresses Which type of scan obtains information by authenticating to the host access resources not available over the network - Credentialed True/False: You may only select one import repository per scan - True True/False: Once a scan is running, you cannot pause or stop it until it is completed - False Which Port Scanning Range option tells the scanner to scan only common ports? - Default In a low -bandwidth environment, which options might you adjust to try to improve scanning performance? - Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan What is the function of Performance Options in the Scan Policy? - Determines the impact of a scan related to scan times and network behavior You can configures the targets for you Blackout Window to include... - All Systems, Assets, IPs, Mixed Which Scan Policy types allows you to select Plugin Families you want? - Custom Advanced Sc an What is an organization? - A group of individuals who are responsible for a set of common assets What is a scan zone? - A defined static range of IP addresses with an associated Nessus scanner What is the maximum size of a SecurityCenter 5 Repository ? - 32GB True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone and the definition of the repository - True What SecurityCenter Role is responsible for setting scan zones? - Admin How can you get your Sec urityCenter Plugin updates? - Automatically from DISA's plugin server or Manually from the DoD Patch Repository True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS scanners to collect and interpret vulnerabil ity, compliance, and configuration data. - True Which options can you consider for scanning stand -alone networks. - Install both Nessus and SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also, you may Detac h a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to SecurityCenter to upload scan results Which page loads by default when you log in to SecurityCenter? - Dashboard Which of the pages show the date and time of the most recent plugin updates? - Feeds or Plugins Which page allows you to set your local time zone - Profile True/False: Asset lists are dynamically or statically generated lists of hosts - True Which type of asset list updates automatically when a scan runs and a repository is updated? - Dynamic What is a static asset list? - A list of IP addresses that require user intervention in order to change what defines them What two ways can you use to add a dynam ic asset list? - Use a template or create a set of rules When you create a dynamic asset list, what occurs? - SecurityCenter queries the repository to find assets that match the dynamic asset list's rules True/False: Users in different groups using the s ame shared asset list could see different IP addresses in the list - True What two areas in Security Center allow you to analyze scan results? - The Scan Results page and The Vulnerabilities page