VMO MQF Questions Flashcards
MR status
What is a group of users responsible for specific set of hosts?
a. Organization
b. Plugin
c. Repository
d. Scan Zone
A. Organization
A scan zone __________.
a. Maintains a database of vulnerability data defined by assets or IP addresses
b. Associates an IP address or range of IP addresses with one or more scanners
c. Groups users who are responsible for a specific set of hosts
d. Runs a script file used to collect and interpret vulnerability, compliance, and configuration data
b. Associates an IP address or range of IP addresses with one or more scanners
What contains vulnerability information, a simplified set of remediation actions and the algorithm to test for the presence of the security issue?
a. Audit File
b. Organization
c. Plugin
d. Vulnerability Index
C. Plugin
Which of the following is NOT a Security Center severity code?
a. Critical
b. Info
c. Low
d. Severe
D. Severe
What component of ACAS performs evaluates processes running on the host or probes the host’s network services?
a. Nessus scanners
b. Plugins
c. Passive Vulnerability Scanners (PVS)
d. SecurityCenters
A. Nessus Scanners
What is the weight of a CAT II vulnerability?
C. 4
What is the weight for a CAT I vulnerability?
a. 0
b. 1
c. 4
d. 10
D. 10
Which role enables personnel to only create vulnerability reports within the repositories of the base with least privilege?
a. Administrator
b. Security Manager
c. Scanning Technician
d. Read-Only
D. Read-only
Which Security Center role has the ability to launch scans, configure users, vulnerability policies, and other objects belonging to their organization?
a. Administrator
b. Executive
c. Scanning Technician
d. Security Manager
D. Security Manager
Within the Targets section of Active Scan settings, which IP addresses can be scanned?
a. Both IPv6 and IPv4 addresses simultaneously.
b. Either IPv6 or IPv4 addresses.
c. Only IPv6 addresses.
d. Only IPv4 addresses.
B. Either IPv6 or IPv4 addresses.
How often should the Security Center automatically update plugins?
a. Daily
b. Weekly
c. Bi-weekly
d. Monthly
A. daily
Which scan type is used to identify online endpoints at a given period?
a. Targeted
b. Compliance
c. Discovery
d. Vulnerability
C. Discovery
_____ scans are specialized scans performed in response to a newly identified threat or to validate compliance with an order.
a. Vulnerability
b. Compliance
c. Discovery
d. Targeted
D. Targeted
Which type of scan determines all vulnerabilities found on live hosts within a network enclave?
a. Discovery
b. Vulnerability
c. Compliance
d. Targeted
B. Vulnerability
What determines what a user can or cannot access from their ACAS account?
a. Authorizations
b. Permissions
c. Credentials
d. Roles
D. Roles
What role is responsible for configuration tasks such as defining organizations, repositories, and Nessus scanners?
a. Administrator
b. Auditor
c. Credential manager
d. Security manager
A. Administrator
When viewing plugin details, which of the following can be observed?
a. The CVE and the BID.
b. The BID only.
c. The CVE only.
d. Neither the CVE nor BID.
a. The CVE and the BID.
Which type of asset list are flexible groups of condition statements that refresh using the results from scans?
a. MAC Address
b. DNS Name
c. Dynamic
d. Static
c. Dynamic
Which formula is used to determine the failed access rate for a completed scan?
a. Good/Bad
b. Good/(Good+Bad)
c. Bad/Good
d. Bad/(Good+Bad)
d. Bad/(Good+Bad)
Plugins for SecurityCenter can be downloaded automatically or downloaded manually from ___________.
a. AFCEDs
b. Air Force Portal
c. DoD Patch Repository
d. Nessus Patch Repository
c. DoD Patch Repository
Which type of scan should not use a dynamic asset list?
a. Discovery
b. Vulnerability
c. Compliance
d. Targeted
A. Discovery
Do NOT scan more than hosts in a single targeted scan.
a. 2,500
b. 5,000
c. 7,500
d. 10,000
A. 2,500
What contains additional settings for active scans including plugin settings and advanced directives?
a. Asset List
b. Repository
c. Scan Policy
d. Scan Zone
C. Scan Policy
What is a database within Tenable.sc that contains vulnerability data?
a. Asset List
b. Organization
c. Repository
d. Scan Zone
c. Repository
What should the max scan duration be set to?
a. 24 Hours
b. 12 Hours
c. 40 Hours
d. 20 Hours
D. 20 Hours
Which executable installs the Configuration Manager client?
a. CCMSetup.exe
b. CCMInstallClient.exe
c. RunCCM.exe
d. SetupCCM.exe
A. a. CCMSetup.exe
_____ is a site system role that contains source files for clients to download.
a. Distribution Point
b. Management Point
c. SMS Provider
d. Software Update Point
A. Distribution Point
_____ is a site system role that provides policy and service location information to clients and receives configuration data from clients.
a. Distribution Point
b. Management Point
c. SMS Provider
d. Software Update Point
b. Management Point
_____ helps monitor client installation and identifies clients that are unmanaged because they can’t communicate with their management point.
a. Distribution Point
b. Fallback Status Point
c. SMS Provider
d. Software Update Point
b. Fallback Status Point
The _____ is the interface between a Configuration Manager console and the site database.
a. Client Management Point
b. Management Point
c. SMS Provider
d. Software Update Point
c. SMS Provider
_____ is a site system role that integrates with Windows Server Update Services (WSUS) to provide software updates to Configuration Manager clients.
a. Client Management Point
b. Management Point
c. SMS Provider
d. Software Update Point
software update point.
Which of the following is considered a membership rule for device collections?
a. Direct
b. Reporting
c. Monitoring
d. Windows
A. Direct
In the MECM console, device collections are located in the __________ directory.
a. Administration
b. Assets and Compliance
c. Monitoring
d. Software Library
b. Assets and Compliance
In the MECM console, Software Updates are located in the __________ directory.
a. Administration
b. Assets and Compliance
c. Monitoring
d. Software Library
d. Software Library
In the MECM console, Reports are located in the __________ directory.
a. Administration
b. Assets and Compliance
c. Monitoring
d. Software Library
c. Monitoring
In the MECM console, Site Configuration is located in the __________ directory.
a. Administration
b. Assets and Compliance
c. Monitoring
d. Software Library
a. Administration
Which type of MECM site sits locally at each base?
a. Remote Distribution Point
b. Central Administration Site
c. Primary Site
d. Secondary Site
c. Primary Site
Where is the Central Administration server physically located?
a. Scott APC
b. Wright Patterson APC
c. Peterson RDC
d. Joint Base Pearl Harbor Hickam
b. Wright Patterson APC
Within the Client Configuration Manager Properties which action would you initiate to retrieve the most up-to date client policy?
a. Software Inventory Cycle
b. User Policy Retrieval & Evaluation Cycle
c. Machine Policy Retrieval & Evaluation Cycle
d. Application Deployment Evaluation Cycle
c. Machine Policy Retrieval & Evaluation Cycle
Where could a user go to install software that was deployed via MECM?
a. Distribution Point
b. Security Center
c. Software Center
d. Software Update Point
b. Security Center
- Where is the client log file CCMEval.log located on the machine?
a. /var/log
b. D:\
c. C:\Windows\CCM\Logs
d. C:\Windows\ccmsetup
c. C:\Windows\CCM\Logs
CMTrace.exe is located in what Windows client folder location?
a.C:\Windows\SysWOW64\CCM\Trace\CMTrace.exe
b.C:\Windows\RemotePackages\CMTrace.exe
c. C:\Windows\ccmsetup\CMTrace.exe
d. C:\Windows\CCM\CMTrace.exe
d. C:\Windows\CCM\CMTrace.exe
MECM uses groups of users or devices called ___________.
a. Collections
b. Asset Lists
c. Libraries
d. Logs
a. Collections
- There are 4 Primary Site Suites located at Wright Patterson APC and 4 Primary Site Suites located at _______________.
a. Peterson RDC
b. Scott APC
c. Joint Base Langley-Eustis
d. Joint Base Pearl Harbor Hickam
b. Scott APC
What would you use to filter a new collection to only show results from a single base?
a. Management Point
b. Machine Policy Update
c. Limiting Collection
d. CM Trace
c. Limiting Collection
A(n) _____ rule’s membership doesn’t change unless a resource is removed from Configuration Manager and require more administrative overhead than query rule collections because they require manual changes.
a. Exclude Collection
b. Include Collection
c. Direct
d. Static
c. Direct
A(n) _____ rule’s membership will dynamically update the membership of a collection which runs on a schedule.
a. Dynamic
b. Query
c. Direct
d. Static
b. Query
Which website hosts SDC (Standard Desktop Configurations) for approved Department of Defense software products?
a. https://www.my.af.mil
b. https://ceds.gunter.af.mil
c. https://gunter.sdc.af.mil
d. http://gunter.ceds.af.mil
b. https://ceds.gunter.af.mil
In regards to content distribution, which component transfers the package to the distribution point?
a. Despooler
b. Data Transfer Service
c. File Transfer Service
d. Package Transfer Manager
d. Package Transfer Manager
Which component of CcmExec is responsible for downloading files via BITS?
a. Despooler
b. Data Transfer Service
c. File Transfer Service
d. Package Transfer Manager
b. Data Transfer Service
Which component of the Software Update Scan checks the registry to ensure Group Policy does NOT override the update server?
a. Scan Agent
b. WSUS Server
c. WUAHandler
d. Location Services
c. WUAHandler
______ is a container that stores specific information.
a. Configuration Item
b. Detection Item
c. Setting
d. Compliance Rules
a. Configuration Item
_____ detects whether an application is installed and uses the windows installer file for the application or by custom script.
a. Configuration Item
b. Detection Item
c. Setting
d. Compliance Rules
b. Detection Item
What specifies the condition that defines the compliance of a configuration item setting?
a. Configuration Item
b. Detection Item
c. Setting
d. Compliance Rules
d. Compliance Rules
Configuration baselines are used to monitor and remediate _____
a. Non-software Items
b. Registry Keys
c. Outdated Protocols
d. All the Above
d. All the Above
Which of the following is NOT an example of a software requested through a change request?
a. Wickr
b. TIMS
c. GTIMS
d. Wireshark
d. Wireshark
- When AFECMO releases an application, what is the default content location within the imported application?
a. AFECMO Lab Environment
b. C:\
c. ZHTX-EM-101P
d. ZHTX-EM-101P\Packages
a. AFECMO Lab Environment
Which of the following is NOT a default way that MECM can detect an application?
a. Registry
b. File System
c. Product Version
d. Windows Installer
c. Product Version
Which of the following detection methods within MECM looks for uninstall strings associated with applications?
a. Registry
b. File System
c. Product Version
d. Windows Installer
a. Registry
When an application is deployed to a device, what decides what deployment type is used?
a. Content Source
b. Detection Method
c. Product Version
d. Requirement
d. Requirement
- Which determines how an application is installed?
a. Deployment Type
b. Detection Method
c. Collection
d. Requirement
b. Detection Method
- By default VMOs hide the installation and do NOT give users the ability to postpone installation. The ability to postpone an installation is a part of which component?
a. Compliance Item
b. Detection Method
c. Requirement
d. User Experience
d. User Experience
- Which MECM client push method requires the computer to be discovered before a MECM client is installed?
a. Client Push Installation
b. Software Update Point Based Installation
c. Group Policy
d. Logon Script
a. Client Push Installation
Which client installation method supports using command-line properties for CCMSetup to install?
a. Client Push Installation
b. Software Update Point Based Installation
c. Group Policy
d. Logon Script
d. Logon Script
- Which of the following is NOT downloaded from the distribution point?
a. Application Content
b. Software Packages
c. Software Updates
d. Policy
d. Policy
- What is the first thing a client does during a software update deployment?
a. Scan Agent request gets created
b. Set the WSUS Server
c. Scan Agent sends a WSUS Location Request
d. Location Services sends its location to the Scan Agent
b. Set the WSUS Server
Which of the following is NOT an example of a requirement?
a. Operator exists
b. Application exists
c. Active Directory site
d. Operating System
a. Operator exists
Which of the following log files applies to updates that are for windows OS?
a. CAS.log
b. ContentTransferManager.log
c. CBS.log
d. DataTransferService.log
c. CBS.log
Which log file would you review if you are troubleshooting unexpected reboots or updates installed outside of a maintenance window?
a. CAS.log
b. ContentTransferManager.log
c. CBS.log
d. DataTransferService.log
d. DataTransferService.log
Which log files are associated with detection methods?
a. CAS.log & CCMEval.log
b. CcmMessaging.log & CCMEval.log
c. AppDetection.log & Detect.log
d. Appenforce.log & Appdiscovery.log
d. Appenforce.log & Appdiscovery.log
