ACAS (Assured Compliance Assessment Solution) - ANS is a network-based security
compliance and assessment capability designed to provide awareness of the security posture and
network health of DoD networks
SecurityCenter - ANS is the central console for the ACAS system tools and data
ACAS components - ANS SecurityCenter
Nessus - active scanner
PVS (passive vulnerability scanner) - sniffs the network
3D Tool/optional - port 443
ACAS components perform these primary functions: - ANS - Discover assets
- Detect vulnerabilities and data leaks
- Conduct configuration and compliance audits
- Publish findings to Continuous Monitoring and Risk Scoring (CMRS)
Plug-in - ANS displays a list of script files used by Nessus/PVS scanners to collect and
interpret vulnerability, compliance, and configuration data
Things that can be scanned for security data - ANS servers, workstations, peripherals,
Mobile Device Management Servers, network servers
PVS (Passive Vulnerability Scanner) - ANS watches and determines vulnerabilities based on
network traffic, rather than actively scanning
Compliance - ANS a state of being in accordance with established guidelines, specifications or legislation,
or the process of becoming so
CMRS (Continuous Monitoring and Risk Scoring) - ANS a tool to provide DoD component- and
enterprise-level situational awareness by quantitatively displaying an organization's
security posture
Task Order 13-670 - ANS Implementation of ACAS
What is the first screen you see when you log in to SecurityCenter? - ANS Dashboard
SecurityCenter Building Blocks - ANS - Organization
- Role, Group, and User Definition
- Scan Zone (and Nessus Scanners)
- Repository
- Plugin
Organization - ANS groups of individuals responsible for a set of common assets
Scan Zones - ANS a defined static range of IP addresses that can be scanned by one
or more Nessus Scanners
Repositories - ANS are proprietary data files, residing on the SecurityCenter, that store
scan results
Passive scanning plugins Range - ANS 1-10,000
Active (Nessus) plugin Range - ANS 10,001-900,000
Custom plugins created by users Range - ANS 900,001-999,999
Compliance plugin Range - ANS 1,000,000+
What is the maximum size of a SecurityCenter 5 Repository? - ANS 32GB
How can you get your SecurityCenter plugin updates? - ANS Automatically from DISA's
plugin server and manually from the DoD Patch Repository
A Scan Job includes - ANS Policy, Schedule, Credentials, Import Repository, Targets, and Scan
Zone
Steps to run a Scan with SecurityCenter 5 - ANS 1. Create a Scan Policy
2. Create a Scan
3. Launch the Scan
4. View the Scan Results
Credentials - ANS administrative level usernames and passwords (or SSH keypairs) which may
be used in authenticated scans
Blackout Windows - ANS - allow you to set a "do not scan" period of time
- Scans launched during an active Blackout Window will show a Partial Status in the
Scan Results
- will prevent scheduled scans from running
- times are expressed in 24-hour format
Individual Scan results - ANS a snapshot of what was vulnerable at a specific point in time