Terms in this set (50)

Original
List the default tracking methods available for adding assets to your "scanning" subscription.
(Select Three)

(A) DNS Name

(B) NetBIOS Name
(C) CVE ID
(D)Qualys Host ID
(E) IP Address
(A) DNS Name
(B) NetBIOS Name
(E) IP Address
Name the phase or step of the Qualys Vulnerability Management Lifecycle that produces scan
results containing vulnerability findings?

(A) Report
(B) Discover
(C) Remediate
(D) Assess
(D) Assess
Which of the following is the default tracking method used by Qualys Cloud Agents?

(A) IP Address
(B) Qualys Host ID
(C) DNS Name
(D) NetBIOS Name
(B) Qualys Host ID
Which of the following are phases of the Vulnerability Management Lifecycle?

(A) Maintenance
(B) Remediate
(C) Design
(D) Discover
(E) Report
(B) Remediate
(D) Discover
(E) Report
Name the type of scanner appliance (by default) available to all Qualys users with "scanning"
privileges?

(A) External (Internet-based) Scanner

(B) Offline Scanner
(C) Virtual Scanner
(D) Internal Scanner
(A) External (Internet-based) Scanner
Only the _________ user role can edit QIDs in your account KnowledgeBase.

(A) Manager
(B) Administrator
(C) Scanner
(D) Unit Manager
(A) Manager
Potential vulnerabilities are automatically verified. (True/ False)

(A) True
(B) False
(B) False
A severity ____________ vulnerability is the most urgent.

(A) Level 5
(B) Level 1
(C) Level 2
(D) Level 4
(A) Level 5
Which of the following criteria can be used to create a dynamic Search List? (Select Three).

(A) Host Name

(B) Severity Level
(C) IP Address
(D) CVE ID
(E) CVSS Score
(B) Severity Level
(D) CVE ID
(E) CVSS Score
What is the name given to a custom list of QIDs taken from the Qualys KnowledgeBase?

(A) Search List

(B) Host Assets
(C) Asset Group
(D) Authentication Record
(A) Search List
You have just created a Search List. Where can you use or apply it? (Select Three)

(A) Report Template

(B) Remediation Policy
(C) Asset Group
(D) Business Unit
(E) Asset Tag
(F) Option Profile
(A) Report Template
(B) Remediation Policy
(F) Option Profile
A static Search List is created and updated ____________.

(A) Manually
(B) Explicit
(C) By Default
(D) Automatically
(A) Manually
What are the primary methods available in Qualys VM, for grouping, labeling, and organizing
host assets? (Select Two)

(A) Severity Levels

(B) Search Lists
(C) Asset Groups
(D) Asset Tags
(C) Asset Groups
(D) Asset Tags
Which of the following options can be used to add assets to an Asset Group? (Select Three)

(A) DNS name

(B) MAC address
(C) IP address
(D) NetBIOS name
(A) DNS name
(C) IP address
(D) NetBIOS name
Scans must be performed in "________________" mode to produce a list of installed software
applications.

(A) Authorized
(B) Administrative
(C) Temporary
(D) Authenticated
(D) Authenticated
Why is it beneficial to configure the Business Impact of an Asset Group?

(A) It's used to calculate Business Risk

(B) It's used to calculate storage space
(C) It's used to calculate Severity Levels
(D) It's used to calculate CVSS Scores
(A) It's used to calculate Business Risk
A "static" Asset Tag will adjust dynamically and automatically to changes made to your host
assets. (True/False)
(A) True
(B) False
(B) False
The service creates some initial asset tags based on the existing objects (configurations) in your
account. List those asset tags. (Select Four)

(A) Asset Groups

(B) Business Units
(C) Malware Domaine Assets
(D) Web Application Assets
(E) Software Installed
(A) Asset Groups
(B) Business Units
(C) Malware Domaine Assets
(D) Web Application Assets
Which of the following is NOT a benefit or characteristic of Asset Tags?

(A) Dynamically updated

(B) Hierarchical organization (support nesting)
(C) Helps to automate scanning and reporting tasks
(D) Identifies the "Business Impact" of host assets
(D) Identifies the "Business Impact" of host assets
A filtering device can impact the _______ ability to assess a host for vulnerabilities.

(A) Scanner's
(B) Agent's
(C) Connector's
(D) API's
(A) Scanner's
Qualys Cloud Agent is installed as a local system service on each host as ___________
agent/agents per host.

(A) Multiple
(B) Zero
(C) One
(D) Twin
(C) One
You are building an Options Profile that targets "Zero Day" vulnerabilities. Which "Scan" option
will allow you to use a "Zero Day" Search List to achieve this objective?

(A) Password Brute Forcing

(B) Additional Certificate Detection
(C) Vulnerability Detection
(D) TCP Ports
(C) Vulnerability Detection
Agents and Scanners can be combined to cater to the vulnerability assessment needs.

(A) Correct
(B) Incorrect
(A) Correct
The primary modules that collect the host configuration data are:
(Select Four)

(A) Porting Scanning

(B) Operating System Detection
(C) Service Detection
(D) Network Scanning
(E) Host Discovery
(A) Porting Scanning
(B) Operating System Detection
(C) Service Detection
(E) Host Discovery
Which of the following sensors are presently used by Qualys VM to collect the data needed to
perform host vulnerability assessments? (Select Two)

(A) Cloud Connector

(B) Scanner Appliance
(C) Cloud Agent
(D) Passive Sensor
(B) Scanner Appliance
(C) Cloud Agent
One of your "Scanner" users would like to perform a comprehensive scan (occasionally) that
targets the maximum number of service ports. Which port scanning option do you recommend?

(A) None
(B) Standard Scan
(C) Light Scan
(D) Full
(D) Full
Which module does a Qualys Scanner Appliance load to determine the LIVE/DEAD status of
targeted hosts?

(A) Service Detection

(B) OS Detection
(C) Host Discovery
(D) Port Scanning
(C) Host Discovery
Which of the following is NOT a valid target for launching a scan?

(A) IP address
(B) Search List
(C) Asset Tag
(D) Asset Group
(B) Search List
To scan the IP addresses in your Qualys subscription you first need to add:

(A) Scan Preferences

(B) Host IPs
(C) Asset Tag
(D) Asset Group
(B) Host IPs
It is a "best practice" to perform your assessment scans in "_____________" mode.

(A) Authenticated
(B) Authorized
(C) Administrative
(D) Scanning
(A) Authenticated
Which of the following are required to launch a vulnerability scan? (Select Three)

(A) Target Hosts

(B) Scanner Appliance
(C) Authentication
(D) Option Profile
(A) Target Hosts
(B) Scanner Appliance
(D) Option Profile
By default, the agent collects data after every:

(A) Four Hours

(B) Ten Hours
(C) Twelve Hours
(D) Six Hours
(A) Four Hours
Report templates cannot be customized.

(A) Incorrect
(B) Correct
(A) Incorrect
Which report type is NOT created from a Report Template?

(A) Patch Report

(B) Authentication Report
(C) Map Report
(D) Remediation Report
(B) Authentication Report
One of your colleagues would like to build a report to display vulnerability findings over the last
three months (including trending information)? What do you recommend?

(A) Build a scan template that uses Scan Based findings

(B) Build a scan template that sorts findings by Asset Group
(C) Build a scan template with the "All" Asset Group as its target
(D) Build a scan template that uses Host-Based Findings
(D) Build a scan template that uses Host-Based Findings
Name the types of reports:
(Select Four)

(A) Scan Report

(B) Map Report
(C) Patch Report
(D) Application Report
(E) Remediation Report
(A) Scan Report
(B) Map Report
(C) Patch Report
(E) Remediation Report
The ________ report allows you to track the status of any vulnerability on any host.

(A) Technical
(B) Executive
(C) Scan
(D) Trend
(D) Trend
Identify the report types that can be scheduled: (Select Three)

(A) Asset reports

(B) Scan reports using Host-based Findings
(C) Patch reports
(D) Application reports
(E) Remediation reports
(B) Scan reports using Host-based Findings
(C) Patch reports
(E) Remediation reports
Identify the most privileged user role.

(A) Administrator
(B) Manager
(C) Scanner
(D) Auditor user
(B) Manager
What are the two components of every Business Unit?
(A) Vendors
(B) Assets
(C) Users
(D) Suppliers
(B) Assets
(C) Users
A business unit can have more than one Unit Manager.

(A) Incorrect
(B) Correct
(B) Correct
Only ______________ users can edit the default security options for your Qualys account.

(A) Administrators
(B) Manager
(C) Auditor user
(D) KnowledgeBase
(B) Manager
Which user role cannot scan assets but can view reports?

(A) Manager
(B) Reader
(C) Scanner
(D) Unit Manager
(B) Reader
Remediation policies for the teams dedicated to specific groups of host assets can be constructed
using _____________ Groups.

(A) Asset
(B) Application
(C) Scanning
(D) Vulnerability
(A) Asset
___________ can be set on your remediation policy to ensure you are tracking the remediation
of vulnerabilities on host systems is occurring in a timely manner.

(A) Filtering
(B) Processing
(C) Deadlines
(D) Ordering
(C) Deadlines
What are the two components of every Remediation Policy?

(A) Results
(B) Actions
(C) Conditions
(D) Graphics
(B) Actions
(C) Conditions
In which order are the Multiple Remediation Policies evaluated?

(A) From bottom to top

(B) In no specific order
(C) Based on the rule creation date
(D) From top to bottom
(D) From top to bottom
Which of the following does not accurately describe a behavior or characteristic of a
Remediation Policy?

(A) A Remediation policy can be configured to ignore certain vulnerability QIDs

(B) Remediation policies contain conditions and actions
(C) A remediation policy can be configured to assign detected vulnerabilities to Qualys users
(D) A remediation policy at the bottom of the list has precedence over the policies above it
(D) A remediation policy at the bottom of the list has precedence over the policies above it
(A)
(B)
(C)
(D)
...
(A)
(B)
(C)
(D)
...

VMDR Qualys Exam

Vulnerability Management Detection & Response

Questions & Answer

1. Which of the following tasks are performed by a Qualys patch job? (choose 2)
Choose all that apply:

 Uninstall existing patches

 Install or deploy missing patches
2. After Qualys Cloud Agent has been successfully installed on a target host, which
of the following “Patch Management” setup steps must be completed, before
host patch assessments can begin? (choose 3) Choose all that apply:

 Activate PM module on host

 Assign host to CA Configuration Profile (with PM enabled)
 Assign host to an enabled PM Assessment Profile

3. By default, which of the following factors are used by the VMDR Prioritization
Report, to prioritize vulnerabilities? (choose 3) Choose all that apply:

 Vulnerability Age
 Real-Time Threat Indicators
 Attack Surface

4. What does it mean, when a patch is displayed with a “key-shaped” symbol?

Choose an answer:

 The patch cannot be downloaded by Qualys Cloud Agent.

5. Qualys Cloud Connector will allow you to enumerate host instances and collect
useful metadata from which of the following cloud platforms? (choose 3) Choose
all that apply:

 Amazon AWS
 Google Cloud Platform
 Microsoft Azure

6. When a Qualys Scanner Appliance is used for data collection, which of the
following guidelines will help to reduce the number of “unidentified” assets
appearing in Asset Inventory? Choose all that apply:

 Perform scans in “authenticated” mode.

 Configure network filtering devices to let scan traffic through.

7. Which “Active Threat” category leverages machine learning to determine if

presently non-exploitable vulnerabilities should be prioritized? Choose an answer:

 Predicted High Risk

8. Qualys Cloud Agents can be downloaded and installed from which of the
following places? (choose 2) Choose all that apply:

 VMDR “Welcome” page

 Activation Keys tab of the Cloud Agent application**

9. Which “Active Threat” category includes attacks that require little skill and do not
require additional information? Choose an answer:

 Easy Exploit

10. The “sniffing” interface of a Qualys Passive Sensor, is designed to connect to what
type of network devices? (choose 2) Choose all that apply:

 TAP
 Switch (SPAN Port)

11. Which of the following identifies the correct order of the VMDR Lifecycle phases?
Choose an answer:

 Asset Management, Vulnerability Management, Threat Detection & Prioritization,

Response

12. Which of the following statements about Qualys Patch Management’s “patch
sources” is false? Choose an answer:

 A VPN connection to your corporate network is required to download patches.

13. If Qualys Passive Sensor discovers an asset that is not managed within your
Qualys account, it is placed in the ____________ section of the Asset Inventory
application. Choose an answer:

 Unmanaged

14. Which type of Dashboard Widget can be configured to change color, as its
tracked data reaches specific conditions or threshold levels? Choose an answer:

 count

15. From the PATCHES section in the Patch Management application, which query
produces a list of “uninstallable” patches? Choose an answer:
 isRollback:true

16. Which Qualys application, provides the Real-Time Threat Indicators (RTIs) used in
the VMDR Prioritization Report? Choose an answer:

 Threat Protection

17. By default, If you attempt to install Qualys Cloud Agent from the VMDR
“Welcome” page, what Activation Key will be used? Choose an answer:

 Default VMDR Activation Key

18. Which “Active Threat” category includes vulnerabilities that are actively attacked
and have no patch available? Choose an answer:

 Zero Day

19. Qualys provides virtual scanner appliances for which of the following cloud
platforms? (choose 3) Choose all that apply:

 Amazon AWS
 Google Cloud Platform
 Microsoft Azure

20. Which of the following tasks are performed by a patch assessment scan? (choose
2) Choose all that apply:

 Discover patches already installed

 Discover missing patches

21. The Qualys Asset Inventory application distinguishes your asset inventory using
which of the following categories? (choose 3) Choose all that apply:

 Hardware
 Operating System
 Software

22. **Which Qualys sensors collect the type of data needed to perform vulnerability
assessments? (choose 2) Choose all that apply:

 Scanner Appliance
 Passive Sensor

23. Which Qualys application module is NOT included in the Default VMDR
Activation Key? Choose an answer:

 PCI Compliance (PCI)

24. Which Asset Tag rule engine, will allow you to label or tag assets, using hardware,
software, and OS categories? Choose an answer:

 Asset Inventory

25. In the Qualys Asset Inventory application, if adequate data exists (for Qualys to
properly categorize an asset’s hardware or OS), but they have yet to be added to
the asset catalog, they will potentially be listed as __________ . Choose an answer:

 Unknown

26. Which of the following frequencies, can be used to schedule a Patch Deployment
Job? (choose 3) Choose all that apply:

 Weekly
 Monthly
 Daily

27. Which phase of the VMDR Lifecycle is addressed by Qualys Patch Management
(PM)? Choose an answer:

 Response

28. Presently, you can add up to _____ patches to a single job. Choose an answer:

 **200

29. Which Qualys technology provides a patch download cache, to achieve a more
efficient distribution of downloaded patches, to local agent host assets? Choose
an answer:

 Qualys Gateway Server

30. Which of the following conventions can be used to include or assign host assets
to a job? (choose 2) Choose all that apply:
  Asset Tag
 Asset Name

@ 2021