Qualys Web Application Scanning (EXAM)

The __________ is a staging area for Web applications discovered by scans in the Qualys Vulnerability Management (VM) application. (A) KnowledgeBase (B) Dashboard (C) Library (D) Catalog

(D) Catalog

Which WAS feature allows you to quickly change your Web Application's resolved IP address? (A) Malware Monitoring (B) Progressive Scanning (C) Redundant Links (D) DNS Override

(D) DNS Override

Which technique can WAS use to bypass authentication? (A) Custom Authentication Record (B) Burp Integration (C) Selenium Authentication Script (D) Header Injection

(D) Header Injection

Which of the following is NOT a WAS object you can tag? (A) Web Applications (B) Option Profiles (C) Reports (D) Scan Results

(D) Scan Results

Which of the following is NOT a valid vulnerability status? (A) Active (B) Re-opened (C) New (D) Fixed (E) Exploited

(E) Exploited

Which of the following scan parameters can NOT be configured in a WAS Option Profile? (A) Password Bruteforcing (B) Form Submission (C) Crawl Scope (D) Scan Intensity

(A) Password Bruteforcing

Which WAS feature will help you avoid scanning common links too many times? (A) Redundant Links (B) Malware Monitoring (C) Header Injection (D) DNS Override

(A) Redundant Links

In Qualys WAS, you can schedule (select two): (A) Reports (B) BURP scans (C) Maps (D) Scans

(A) Reports (D) Scans

You've just built an application (tagged with the "Developer" Asset Tag). What must you do to allow Fred (a developer) to begin scanning the application? (select two) (Choose all that apply) (A) Tag the application with Fred's user tag (B) Assign the "WAS Scanner" role to Fred's user account (C) Enable Progressive Scanning in Fred's user account (D) Place the "Developer" tag in Fred's user account

(A) Tag the application with Fred's user tag (B) Assign the "WAS Scanner" role to Fred's user account

Which of the following is NOT a component of a WAS crawl script? (A) Trigger (B) Selenium Script file (C) Evaluation expression (D) Catalog

(A) Trigger

Which technique would you use to build a report containing specifics on only your app's most severe vulnerabilities? (A) Add a Search List to the report (B) Add a Crawl Exclusion List to the report (C) Add a Brute Force List to the report (D) Add a Parameter Set to the report

(A) Add a Search List to the report

What attack proxies can you integrate with Qualys WAS? (A) BURP (B) W3af (C) ZAP (D) WebScarab

(A) BURP

Using the Administration Utility, which of the following scan permissions can be assigned to a user role? (select three) (Choose all that apply) (A) Cancel WAS Scan (B) Delete WAS Scan (C) Update WAS Scan (D) Launch WAS Scan

(A) Cancel WAS Scan (B) Delete WAS Scan (D) Launch WAS Scan

If the Web application URL is http://demo06.qualys.com, which Crawl Scope should you select in order to keep http://training.demo06.qualys.com in the application scope? (A) Limit to URL hostname and specified subdomain (B) Limit at or below URL hostname (C) Limit to URL hostname and specified domains (D) Limit to content located at or below URL subdirectory

(A) Limit to URL hostname and specified subdomain

How can you get your scan to follow a business workflow (such as a shopping cart transaction)? (A) Use a Selenium Script to record and replay the workflow (B) Use a Custom Authentication Record (C) Use a Crawl Exclusion List (D) Use DNS Override

(A) Use a Selenium Script to record and replay the workflow

Where can you find the number of links crawled for an Application? (select two) (Choose all that apply) (A) View the "Links" column, in the "Scan Lists" tab (B) Check QID 150009 in the Scorecard Report (C) Check QID 150009 in the Scan Report (D) On the WAS Dashboard

(A) View the "Links" column, in the "Scan Lists" tab (C) Check QID 150009 in the Scan Report

What happens when you use the "Remove Web Assets" feature? (select two) (Choose all that apply) (A) WAS purges (deletes) all of your application data for the removed application (B) A final web application scan is performed before purging the application (C) The application is removed from your WAS subscription (D) All application data is saved in the WAS catalog

(A) WAS purges (deletes) all of your application data for the removed application (C) The application is removed from your WAS subscription

A Search List can be used to customize a (Select all the apply): (A) Web Application Scan (B) Scan Report (C) Crawl Exclusions List (D) Web Application Report

(A) Web Application Scan (B) Scan Report (D) Web Application Report

Which setting defines the boundaries of a Web application? (A) Web application URL (B) Crawl Scope (C) Application name (D) Explicit URLs to Crawl

(B) Crawl Scope

Which WAS feature uses a virtual machine farm to detect a potentially malicious script in a Web application? (A) Progressive Scanning (B) Malware Monitoring (C) Redundant Links (D) DNS Override

(B) Malware Monitoring

Which Form Submission method will only test login forms? (A) NONE (B) POST & GET (C) GET (D) POST

(B) POST & GET

A Search List contains a list of: (A) Username/Password combinations (B) QIDs from the Qualys KnowledgeBase (C) Crawling hints (D) Common input parameters

(B) QIDs from the QualysBase

Confirmed Web app vulnerabilities are color coded: (A) Blue (B) Red (C) Yellow (D) Green

(B) Red

Where can you "Ignore" a vulnerability for a Web Application? (select two) (Choose all that apply) (A) Scorecard Report (B) Scan Report (C) Web Application Report (D) Detections Tab

(B) Scan Report (D) Detection Tab

Which of the following scanning challenges can be overcome using the WAS Progressive Scanning feature? (select two) (Select all that apply) (A) Scanning a web application with hard-to-find links (B) Scanning a web application with tens of thousands of links (C) Scanning a web application with multiple IP addresses (D) Scanning a web application that would normally exceed the amount of time available within a limited scanning window.

(B) Scanning a web application with tens of thousands of links (D) Scanning a web application that would normally exceed the amount of time available within a limited scanning window.

Using the "Crawling Hints" setting, WAS can crawl all links and directories found in: (select two) (Choose all that apply) (A) Index.html (B) Sitemap.xml (C) Robots.txt (D) default.css

(B) Sitemap.xml (C) Robots.txt

Outside of the "Custom Contents" option, what preset Sensitive Content types can the Web Application Scanner detect? (select two) (Choose all that apply) (A) Passwords (B) Social Security Number (C) Driving License Number (D) Credit Card Number

(B) Social Security Number (D) Credit Card Number

The Explicit URLs to Crawl field may contain (select two): (Select all that apply) (A) URLs both inside and outside of the Crawl Scope (B) URLs outside of the Crawl Scope (C) URLs within the Crawl Scope (D) URLs not automatically discovered by WAS

(B) URLs outside of the Crawl Scope (D) URLs not automatically discovered by WAS

What is the max number of hours a scan can continue on WAS before it times out? (A) 16 hours (B) 4 hours (C) 24 hours (D) 48 hours

(C) 24 hours

The Malware Monitoring option should only be enabled for: (A) Applications with a "malware" tag (B) Internal facing applications (C) External facing applications (D) Both internal and external facing applications

(C) External facing applications

What technique does WAS use to automate the detection of Web application vulnerabilities? (A) Hashing (B) Stack Fingerprinting (C) Fault Injection (D) Covert Channels

(C) Fault Injection

What HTTP method(s) are supported for Form Submissions in the Option Profile? (select two) (choose all that apply) (A) HEAD (B) OPTIONS (C) GET (D) POST

(C) GET (D) POST

If your Web application URL is http://demo06.qualys.com, which Crawl Scope should you select in order to place http://www.fdic.gov in the application scope? (A) Limit at or below URL hostname (B) Limit to URL hostname and specified domains (C) Limit to URL hostname and specified subdomain (D) Limit to content located at or below URL subdirectory

(C) Limit to URL hostname and specified subdomain

Which of the following Crawl Exclusion Lists can be generated using a WAS Application Sitemap? (select two) (A) White List (B) Black List (C) Post Data Black List (D) Logout regular expression

(C) Post Data Black List (D) Logout regular expression

Potential Web app vulnerabilities are color coded: (A) Blue (B) Red (C) Yellow (D) Green

(C) Yellow

If your application URL is: www.example.org/new/ , which of the of following links will be crawled if the Crawl Scope is set to "Limit to content at or below URL subdirectory"? (select two) (Choose all that apply) (A) www.example.org/existing (B) www.example.org (C)www.example.org/new/customers (D) www.example.org/new

(C)www.example.org/new/customers (D)www.example.org/new

When launching a Web Application Scan, you have the option to override some default settings. Which of the following options can NOT be overridden? (A) Option Profile (B) Crawl Scope (C) Scanner Appliance (D) Authentication Record

(D) Authentication Record