Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

SecurityCenter 5 Review Questions and Answers, Exams of Computer Networks

A comprehensive set of review questions and answers related to securitycenter 5, a vulnerability management and compliance auditing software. It covers various aspects of the software, including scan policies, scan zones, repositories, asset lists, vulnerability analysis, compliance auditing, reporting, and dashboarding. The questions and answers are designed to help users understand the key features and functionalities of securitycenter 5 and prepare for certification exams or professional development.

Typology: Exams

2024/2025

Available from 03/07/2025

drillmaster
drillmaster 🇺🇸

5

(5)

838 documents

1 / 19

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
ACAS Review Questions 2025 LATEST QUIZ
SCORE A+
Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone,
schedule, ________, and _________.
Repository and Target List
______ are administrative level usernames and passwords used in authenticated scans?
Credentials
True/False: You can associate multiple credentials with a single scan
True
Networks using DHCP require what Active Scan setting be enabled to properly track hosts
Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access resources not
available over the network
Credentialed
True/False: You may only select one import repository per scan
True
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13

Partial preview of the text

Download SecurityCenter 5 Review Questions and Answers and more Exams Computer Networks in PDF only on Docsity!

ACAS Review Questions 2025 LATEST QUIZ

SCORE A+

Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule, ________, and _________. Repository and Target List ______ are administrative level usernames and passwords used in authenticated scans? Credentials True/False: You can associate multiple credentials with a single scan True Networks using DHCP require what Active Scan setting be enabled to properly track hosts Track hosts which have been issued new IP addresses Which type of scan obtains information by authenticating to the host access resources not available over the network Credentialed True/False: You may only select one import repository per scan True

True/False: Once a scan is running, you cannot pause or stop it until it is completed False Which Port Scanning Range option tells the scanner to scan only common ports? Default In a low-bandwidth environment, which options might you adjust to try to improve scanning performance? Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan What is the function of Performance Options in the Scan Policy? Determines the impact of a scan related to scan times and network behavior You can configures the targets for you Blackout Window to include... All Systems, Assets, IPs, Mixed Which Scan Policy types allows you to select Plugin Families you want? Custom Advanced Scan What is an organization? A group of individuals who are responsible for a set of common assets

Which page loads by default when you log in to SecurityCenter? Dashboard Which of the pages show the date and time of the most recent plugin updates? Feeds or Plugins Which page allows you to set your local time zone Profile True/False: Asset lists are dynamically or statically generated lists of hosts True Which type of asset list updates automatically when a scan runs and a repository is updated? Dynamic What is a static asset list? A list of IP addresses that require user intervention in order to change what defines them What two ways can you use to add a dynamic asset list? Use a template or create a set of rules

When you create a dynamic asset list, what occurs? SecurityCenter queries the repository to find assets that match the dynamic asset list's rules True/False: Users in different groups using the same shared asset list could see different IP addresses in the list True What two areas in Security Center allow you to analyze scan results? The Scan Results page and The Vulnerabilities page True/False: SecurityCenter displays vulnerability data at varying levels and views ranging from the highest level summary down to a detailed vulnerability list. True What vulnerabilities are stored in SecurityCenter's Cumulative database Current vulnerabilities, including those that have been recast, accepted, or mitigated and found vulnerable on rescan. Which analysis tool provides a list of vulnerabilities that relate to DoD Information Assurance Vulnerability Alerts and Bulletins? IAVM Summary

  1. Identifying vulnerabilities in areas where you cannot actively scan
  2. Eliminating the need for active scans
  3. Eliminating the need for active scans Which of the following statements is true:
  4. PVS is capable of highlighting all interactive and encrypted network sessions
  5. PVS is capable of decrypting encrypted network sessions
  6. PVS is capable of highlighting all interactive and encrypted network sessions True/False: A Passive Vulnerability Scanner is simply a Network Intrusions Detection System (NIDS) False Which vulnerability filter settings results in viewing only vulnerabilities detected by PVS Plugin Type = Passive Systems and devices are compliant when they are ______ In accordance with established guidelines, specifications or legislation. True/False: Compliance auditing identifies deviations from a defined standard, whereas, vulnerability management finds weaknesses that could lead to compromise. True

True/False: You system can suffer a security breach and still be compliant True Acceptable audit files for SecurityCenter include... Tenable Network Security Templates (SC Feed), DISA STIG Automated Benchmarks (Ingested in .zip format), and SCAP compliant checklists from NIST (.xccdf) Which SecurityCenter menu option do you use to upload audit files? Scans In addition to a Nessus scanner, what are the components of a SecurityCenter compliance audit. compliance plugins, Audit file, system, or Database credentials. Which vulnerability severity level indicates a failed compliance item? High Which SecurityCenter resources define specific configurations for compliance scanning? Audit Files Which of the following is not a valid SecurityCenter report type?

  1. CSV
  2. HTML
  3. ARF
  1. Add Dashboard
  2. Manage Dashboards
  3. Edit Dashboard
  4. Share Dashboard
  5. All of the Above All of the Above Which of the following types of information can you display on your Dashboard in SecurityCenter?
  6. Compliance Data
  7. Vulnerability Data
  8. Trends
  9. Organizational Structure
  10. All of the Above All of the Above What new functionality was added in SecurityCenter 5 under the Dashboard menu? Assurance Report Cards All of these are examples of Dashboard components except which one?
  11. Table
  12. Pie Chart
  13. Matrix
  14. XY Axis Graph XY Axis Graph

True/False: You can only add Dashboard components for the existing queries you have set up in the Analysis menu False You've just added a new dashboard using a template, which field option allows you to specify the Asset, IP Address, and Repository? Focus Clicking the Pushpin icon next to a dashboard name on the Manage Dashboards page will do which of the following?

  1. Share the Dashboard
  2. Copy the Dashboard
  3. Make the dashboard active/inactive
  4. Export the Dashboard Make the Dashboard active/inactive SecurityCenter organizations are _______ that have responsibilities for ______. Groups of Individuals; A set of common assets Which SecurityCenter user role resides at the top of an organization hierarchy? Security Manager True/False: Each SecurityCenter will contain only one Administrator, one Organization, and one Security Manager
  1. Multiple Nessus scanner in the network will speed up the scanning
  2. Each Nessus scanner must have Port 8834 (Both directions) open between Nessus and Security Center
  3. You must have at least 2 Nessus scanners behind the Firewall True/False: SecurityCeter must be able to connect to each Nessus scanner in you network on a distinct IP address True Which statement about Nessus scanner is correct?
  4. Scan Zone are dynamic ranges of IP addresses that can be scanned by one or more Nessus scanners
  5. Scan Zone are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  6. The same Nessus scanner should not be in multiple Scan Zones
  7. There must be only one scanner in each Scan Zone in order for SecurityCenter to perform scans
  8. Scan Zones are static ranges of IP addresses that can be scanned by one or more Nessus scanners
  9. The same Nessus scanner should not be in multiple Scan Zones You're adding a Scan Zone for a new block of IP addresses. What are the fields on the Add Scan Zone page? Name, Ranges, and Scanners Which SecurityCenter user role creates Scan Zones? Admin

Repositories are proprietary data files residing on the SecurityCenter that store ____? Scan data A repository is defined by ______? Select all that apply

  1. Scan Policy
  2. IP Address range
  3. MDM Data Type
  4. Vulnerability type
  5. Query Range IP Address Range and MDM Data Type True/False: Any user can create a new repository False True/False: Multiple organizations can have access to the same repository True You can use multiple repositories to:
  6. Restrict access to data based on organizational needs
  7. Improve reporting time with smaller data sets
  8. Separate compliance and vulnerability data
  9. Resolve technical issues for non-standards network configurations

What are "Groups" Combine access rights to objects within an organization for quick assignment to one or more users. What are "Users" Are individual SecurityCenter Accounts When creating a custom role, what are the Scanning Permissions that you can assign? Create Scans and Create plugin scans Which of the following roles is NOT a predefined SecurityCenter role?

  1. Admin
  2. Security Manager
  3. Security Analyst
  4. Information Assurance Manager
  5. Executive
  6. Credential Manager
  7. Auditor
  8. No Role
  9. Information Assurance Manager Which of the following groups is defined for each organization by default?
  10. All access
  1. Single access
  2. Full access
  3. Super User
  4. Full access When you create a group, select all of the objects that you could share to the group.
  5. Assets
  6. Assurance Report Cards
  7. Credentials
  8. Other User Accounts Assets, Assurance Report Cards, and Credentials You are adding a new user. Which of the following access settings apply to that user definition?
  9. Repositories
  10. Asset Responsibility
  11. Role
  12. Group
  13. Manage Objects Asset Responsibility, Role, Group, and Manage Objects Where do you grant the ability to manage other users and their objects? In the Users > User Definition Which of the following are available through SecurityCenter's Workflow functionality?

True/False: Tickets can be automatically generated from an alert or manually created. True