ACAS
a
Discovery
Scan
Template
-
ANS-Templates
allow
users
to
create
scan
policies
based
on
industry
standards
Scan
templates
for
discovery
scans
can
be
downloaded
from
the
DISA
patch
repository
Templates
require
minor
configurations
such
as,
credentials
to
use,
set
repository,
and
select
targets
A
single
large
scan
job
can
be
-
ANS-broken
into
multiple
scheduled
jobs
ACAS
Components
-
ANS---ACAS
components:
Tenable
SecurityCenter
Nessus
Scanners
--One
SecurityCenter
per
MAJCOM
and
two
Nessus
Scanners
per
site
--Each
Nessus
Scanner
can
handle
a
Maximum
of
2500
IPs
--Nessus
scanners
can
be
physical
or
virtual
ACAS
Limitations
-
ANS->>ACAS
CANNOT
apply
patches
or
alter
configuration
settings,
only
reports
scan
findings
>>Too
many
concurrent
tasks
can
overload/lock
database
and
cease
functions
>>Nessus
scanners
require
base
technicians
to
troubleshoot
and
perform
regular
touch
maintenance
in
correlation
with
AFLCMC/PMO.
>>Number
of
accounts
can
impact
performance
2
accounts
per
site,
per
network
MUST
be
associated
with
CAC
(2FA)
>>Can
only
scan
internal
base
network.
ACAS
Queries
-
ANS-allow
SecurityCenter
users
to
save
custom
views
of
vulnerability
or
event
data
for
repeated
access
when
filtering
data.
ACAS
Reports
can
display
various
data
findings:
-
ANS-Name
and
IP
address
of
hosts
Operating
system
of
hosts
Host
system
configuration
settings
Top
offenders
Vulnerabilities
by
plugin
number
or
criticality
Date
vulnerability
discovered Fix
actions
(KB
articles)
Changes
over
last
30
days
ACAS
Reports:
-
ANS->>Provide
an
assortment
of
report
templates
and
a
user-friendly
report
creation
interface
>>Can
contain
graphs,
charts,
tables,
etc.
>>Can
be
run
as
part
of
a
post-scan
process,
run
on
a
schedule,
or
on
demand
Advantages
of
credentialed
scans:
-
ANS--Uses
login
credentials
to
connect
to
a
given
host
and
execute
commands
on
the
host
to
determine
potential
vulnerabilities
-Gives
more
complete
results
-Runs
faster
(typically)
-Provides
patch
analysis
Advantages
of
network
Non-Credentialed
scans:
-
ANS->>Probes
hosts
from
outside
the
target
using
port
scanning,
service
identification
and
other
techniques
>>Provides
an
effective
method
of
scanning
hosts
that
do
not
allow
remote
logins,
or
do
not
allow
SSH,
SMB
or
other
login
methods
from
the
outside
>>Gives
the
analyst
a
picture
of
what
is
seen
from
"outside
the
host"
Analysis
and
Queries
in
Asset
Lists
-
-
ANS-you
can
use
asset
lists
when
filtering
scan
data
and
saving
queries
As
the
number
of
hosts
in
a
scan
job
increases,
-
ANS-the
performance
of
the
scan
job
decreases
Asset
lists
are
-
ANS->>used
to
break
up
your
infrastructure
into
manageable
groups,
for
a
number
of
different
purposes
>>dynamically
or
statically
generated
lists
of
hosts
or
devices
that
are
connected
to
your
network
Asset
lists
can
be
-
ANS->>created
by
manually
adding
IP
addresses,
IP
address
ranges
or
CIDR
blocks
>>include
or
exclude
the
contents
of
existing
asset
lists
from
the
IP
addresses
you
have
entered
Asset
lists
impact
all
areas
of
SecurityCenter
-
ANS->>Analysis
and
Queries
>>Dashboard
Components
>>Scanning
>>Reporting
>>Groups
Audit
Scan
-
ANS-**Requires
credentials
that
have
root
access
to
the
targeted
systems
>>Uses
a
benchmark,
usually
from
the
STIG
website
>>Check
Security
Technical
Implementation
Guide
(STIG)
compliance
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller AnswersCOM. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £6.52. You're not tied to anything after your purchase.