Qualys Patch Management (Course Quizzes) 37 Questions with Verified Answers
Which of these is a reason for using a Patch Management
... [Show More] solution?
(A) To monitor logs on the asset
(B) To scan for viruses
(C) To close open ports and services
(D) To address vulnerabilities - CORRECT ANSWER (D) To address vulnerabilities
Which of these Qualys solutions would you use to address vulnerabilities on your assets?
(A) Vulnerability Management
(B) Patch Management
(C) Endpoint Detection and Response
(D) Policy Compliance - CORRECT ANSWER (B) Patch Management
Which of these sensors does Qualys use to deploy patches?
(A) Scanner appliances
(B) Cloud connectors
(C) Passive sensor
(D) Cloud agent - CORRECT ANSWER (D) Cloud agent
Which of these actions is commonly performed after deploying patches?
(A) Asset is decommissioned
(B) Asset is scanned
(C) Asset is rebooted
(D) Asset is reimaged - CORRECT ANSWER (C) Asset is rebooted
Which of these is a recommended approach to patching assets?
(A) Uninstall old patches and apply new
(B) Do not apply patches unless necessary
(C) Apply patches on a set of test assets, verify that the patches do not cause issues, and patch the remaining assets
(D) Apply patches on all assets right away - CORRECT ANSWER (C) Apply patches on a set of test assets, verify that the patches do not cause issues, and patch the remaining assets
Qualys Patch Management correlates missing patches with vulnerabilities.
(A) False
(B) True - CORRECT ANSWER (B) True
Which of these is true about Qualys Patch Management?
(A) it can install the operating system and third-party application patches
(B) it can install third-party application patches only
(C) it can install operating system patches only - CORRECT ANSWER (A) it can install the operating system and third-party application patches
Which of these is used by Qualys Patch Management to deploy patches?
(A) Scanner appliance
(B) Cloud connector
(C) Cloud Agent - CORRECT ANSWER (C) Cloud Agent
Which of these is NOT a stage in the VMDR lifecycle?
(A) Governance
(B) Vulnerability & Config Assessment
(C) Threat Risk and Prioritization
(D) Asset Inventory
(E) Patch Management - CORRECT ANSWER (A) Governance
Which of these can be used as a local repository to download patches?
(A) Qualys Cloud Agent
(B) Qualys Scanner appliance
(C) Qualys Gateway Server
(D) Qualys Passive Sensor - CORRECT ANSWER (C) Qualys Gateway Server
By default, how often are agents check for missing patches?
(A) 8 hours
(B) 6 hours
(C) 4 hours
(D) 24 hours - CORRECT ANSWER (C) 4 hours
Which of these is true about the patch catalog?
(A) by default, superseded patches are shown
(B) by default, superseded patches are hidden - CORRECT ANSWER (B) by default, superseded patches are hidden
Which of these would you use to assign Patch Management licenses to hosts?
(A) hostnames
(B) IP addresses
(C) asset tags
(D) asset groups - CORRECT ANSWER (C) asset tags
You want to change the default assessment duration for missing patches? Which of the following will you perform?
(A) Create a new activation key
(B) Create and assign a new assessment profile
(C) Redeploy the agent
(D) Create a new configuration profile - CORRECT ANSWER (B) Create and assign a new assessment profile
What is the default "Cache size" allocated for Patch Management?
(A) 2048 MB
(B) 1024 MB
(C) 512 MB
(D) 256 MB - CORRECT ANSWER (A) 2048 MB
PM Work Flow - CORRECT ANSWER Step 1: Install Cloud Agent on the target host
Step 2: Assign target agent host to a CA Configuration Profile that has PM enabled
Step 3: Assign PM license to the host
Step 4: Configure patch deployment job
Which of these is true?
(A) a patch deployment job can be configured to suppress asset reboot
(B) a patch deployment job cannot suppress asset reboot - CORRECT ANSWER (A) a patch deployment job can be configured to suppress asset reboot
Which of these is true about patch deployment jobs?
(A) by default, all users can edit a patch deployment job
(B) by default, only the user who created the patch deployment job can edit it - CORRECT ANSWER (B) by default, only the user who created the patch deployment job can edit it
You want to create a deployment job that includes patches based on criteria. For example - security patches with critical severity.
Which patch selection option would you use?.
(A) manual patch selection
(B) automatic patch selection - CORRECT ANSWER (B) automatic patch selection
Which of these is true?
(A) patch deployment jobs cannot be scheduled; they must run on-demand
(B) patch deployment jobs can be scheduled for a future date - CORRECT ANSWER (B) patch deployment jobs can be scheduled for a future date
Which of these is true about patch deployment jobs?
(A) only some patch jobs can be cloned
(B) all patch jobs can be cloned - CORRECT ANSWER (B) all patch jobs can be cloned
Which of these can you use to include hosts in a patch deployment job?(Select 2)
(A) Asset groups
(B) Asset Tags
(C) Hostnames
(D) IP addresses - CORRECT ANSWER (B) Asset Tags
(C) Hostnames
The prioritized products report allows you to view the total number of product vulnerabilities (active and fixed) detected in your environment over the last _______________.
(A) Two Weeks
(B) Two Months
(C) Two Days
(D) Two years - CORRECT ANSWER (D) Two years
Why would you use the "Enable opportunistic patch download" option?
(A) to have the agent download the patch before the scheduled job begins
(B) to have the agent download the patch after the scheduled job begins - CORRECT ANSWER (A) to have the agent download the patch before the scheduled job begins
Which of these would you use to identify patchable applications that introduce the most number of vulnerabilities in your subscription?
(A) patch catalog
(B) patch report
(C) prioritized products report - CORRECT ANSWER (C) prioritized products report
Which of the following Qualys applications or services provide the ability to create a patch job? (Select three)
(A) EDR
(B) PM
(C) VMDR
(D) Vm - CORRECT ANSWER (B) PM
(C) VMDR
(D) Vm
VMDR Prioritization Report helps you to:
(A) Download patches from Vendor Global CDNs
(B) Create tickets for high-risk vulnerabilities
(C) Identify patches required to fix high-risk vulnerabilities
(D) Identify vulnerabilities that pose the maximum risk to your business
(E) Run scans to identify high-risk vulnerabilities - CORRECT ANSWER (C) Identify patches required to fix high-risk vulnerabilities
(D) Identify vulnerabilities that pose the maximum risk to your business
Which query would you use to identify vulnerabilities that can be patched by Qualys Patch Management?
(A)vulnerabilities.vulnerability.qualysPatchable:TRUE
(B)Patchable.vulnerabilities.qualys:FALSE
(C)vulnerabilities.vulnerability.qualysPatchable:FALSE
(D)Patchable.vulnerabilities.qualys:TRUE - CORRECT ANSWER (A)vulnerabilities.vulnerability.qualysPatchable:TRUE
Which of these is true?
(A) all vulnerabilities have a patch
(B) not all vulnerabilities have a patch - CORRECT ANSWER (B) not all vulnerabilities have a patch
VMDR Prioritization report automatically prioritizes the high-risk vulnerabilities for the most critical assets.
(A) Correct
(B) Incorrect - CORRECT ANSWER (A) Correct
Zero Touch Patching helps: (Select two)
(A) To update endpoints and servers proactively as soon as patches are available
(B) Automatically create tickets for missing patches
(C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs)
(D)Runs security scans after every four hours
(E) Automatically export patch information - CORRECT ANSWER (A) To update endpoints and servers proactively as soon as patches are available
(C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs)
Which query will list patches that Qualys can uninstall?
(A) isUninstall: true
(B) isRollback: true
(C) isRollback: false
(D) isUninstall: false - CORRECT ANSWER (B) isRollback: true
Which of these is true about a zero-touch patch job?
(A) a zero-touch patch job can only be scheduled for a future date
(B) a zero-touch patch job automatically includes required patches using a QQL query
(C) you can manually select patches to include in the zero-touch patch job - CORRECT ANSWER (B) a zero-touch patch job automatically includes required patches using a QQL query
Which of the following statements about uninstalling patches is true?
(A) Not all patches in the Patch Catalog can be uninstalled.
(B) Uninstallable patches are shown with a key-shaped symbol
(C) All patches in the Patch Catalog can be uninstalled. - CORRECT ANSWER (A) Not all patches in the Patch Catalog can be uninstalled.
(A)
(B)
(C)
(D) - CORRECT ANSWER
(A)
(B)
(C)
(D) - CORRECT ANSWER
(A)
(B)
(C)
(D) - CORRECT ANSWER [Show Less]