Qualys Vulnerability Management v1
Which of the following are valid options for scanning targets? (choose 3). - Asset Groups - Domain Name - IP addressing - Asset Tags - Search Lists - MAC Address
- Asset Group - IP Addressing - Asset Tags
As a Manager in Qualys, which activities can be scheduled? - Asset Searches - Updates to the KnowledgeBase - Maps - Reports - Scans
- Asset Searches - Updates to the KnowledgeBase - Maps - Reports - Scans
Which of the following items are used to calculate the Business Risk score for a particular asset group? (choose 2) - Business Impact - Security Risk - CVSS Base - CVE ID
- Business Impact - Security Risk
What type of Search List adds new QIDs to the list when the Qualys KnowledgeBase is updated? - Active - Static - Dynamic - Passive
- Dynamic
Which of the following are benefits of scanning in authenticated mode? (choose 2) - Fewer confirmed vulnerabilities - More vulnerabilities are detected - Time saved from manually investigating potential vulnerabilities - More accurate scan details
- More vulnerabilities are detected - Time saved from manually investigating potential vulnerabilities
Which of the following types of items can be found in the Qualys KnowledgeBase? (choose all that apply) - Potential Vulnerabilities - Configuration data (Information Gathered) - Confirmed Vulnerabilities - Asset Groups - Remediation Tickets
- Potential Vulnerabilities - Configuration data (Information Gathered) - Confirmed Vulnerabilities
Which of the following components are included in the raw scan results, assuming you do not apply a Search List to your Option Profile? (choose all that apply) - Host IP - Option Profile Settings - Potential Vulnerabilities - Information Gathered - Vulnerabilities
- Potential Vulnerabilities - Information Gathered - Vulnerabilities
When a host is removed from your subscription, the Host Based Findings for that host are. - Ranked - Purged - Ignored - Archived
- Purged
Which three features of the Vulnerability Management application can be customized using a KnowledgeBase "Search List"? - Authentication Records - Report Templates - Remediation Policies - Option Profiles
- Report Templates - Remediation Policies - Option Profiles
What is required in order for Qualys to generate remediation tickets? (choose all that apply) - Scan Results need to be processed by Qualys - A Policy needs to be created - A Map needs to be run - A Remediation Report needs to be run
- Scan Results need to be processed by Qualys - A Policy needs to be created
About how many TCP ports are scanned when using Standard Scan option? - 1900 - 10 - 20 - 65535
1900
What is the maximum number of TCP ports that can participate in the Host Discovery process? - 10 - 65535 - 1900 - 20
20
About how many services can Qualys detect via the Service Detection Module? - 13 - 512 - 20 - 600
600
Which of the following will have the greatest impact on a half red, half yellow QID? - Share Enumeration - Scan Dead Hosts - Authentication - Authoritative Option
Authentication
In order to successfully perform an authenticated (trusted) scan, you must create a(n): - Authentication Record - Search List - Asset Map - Report Template
Authentication Record
Which item is not mandatory for launching a vulnerability scan? - Target Hosts - Option Profile - Authentication Record - Scanner Appliance
Authentication Record
What is the 6-step lifecycle of Qualys Vulnerability Management? - Mapping, Scanning, Reporting, Remediation, Simplification, Authentication - Learning, Listening, Permitting, Forwarding, Marking, Queuing - Bandwidth, Delay, Reliability, Loading, MTU, Up Time - Discover, Organize Assets, Assess, Report, Remediate, Verify
Discover, Organize Assets, Assess, Report, Remediate, Verify
What type of scanner appliance (already provisioned within the Qualys Cloud Platform) is ideal for scanning public facing assets? - Offline Scanner - Virtual Scanner - External Scanner - Internal Scanner
External Scanner
Multiple Remediation Policies are evaluated: - From top to bottom - From bottom to top - Based on the rule creation date - In no specific order
From top to bottom
Before you can scan an IP address for vulnerabilities, the IP address must first be added to the. - Host Assets tab - Business Units tab - Domains tab - Search List tab
Host Assets tab
To produce a scan report that includes the results from a specific scan that occurred at a specific point in time, you should select the _______________ option in the Report Template. - Scan Based Findings - Dynamic Findings - Static Findings - Host Based Findings
Host Based Findings
4. Which of the following is NOT a component of a vulnerability scan? - Host Discovery - OS Detection - Port Scanning - Business Impact
Host Discovery
In a new Option Profile, which authentication options are enabled by default? - All - Unix - Windows - None
None
To exclude a specific QID/vulnerability from a vulnerability scan you would: - Disable the QID in the Qualys KnowledgeBase. - Ignore the vulnerability from within a report. - Place the QID in a search list, and exclude that search list from within the Option Profile. - You cannot exclude QID/Vulnerabilities from vulnerability scans.
Place the QID in a search list, and exclude that search list from within the Option Profile.
A search list contains a list of QIDs Host Assets Applications Asset Groups
QIDs
Asset Groups and Asset Tags can be used to effectively customize or fine tune ... (choose all that apply) - Reports - Vulnerability Scans - Remediation Policies - Search Lists
Reports Vulnerability Scans Remediation Policies
Dynamic Asset Tags are updated every time you. - Run a scan - Create a remediation policy - Run a report - Search the KnowledgeBase
Run a scan
What does it mean when a "pencil" icon is associated with a QID in the Qualys KnowledgeBase? - There is malware associated with the QID - The QID has a known exploit - The QID has been edited - A patch is available for the QID
The QID has been edited
By default, the first user added to a new Business Unit becomes a ____________ for that unit. - Auditor - Administrator - Reader - Scanner - Unit Manager
Unit Manager
Which of the following vulnerability scanning options requires the use of a "dissolvable agent"? - Windows Share Enumeration - TCP port scanning - Scan Dead Hosts - UDP port scanning
Windows Share Enumeration