QUALYS VMDR TRAINING EXAM 29 Questions with Verified Answers
Which of the following are benefits of scanning in authenticated mode? (choose 2) -
... [Show More] CORRECT ANSWER 1. More vulnerabilities are detected
2. Time saved from manually investigating potential vulnerabilities
Which of the following are valid options for scanning targets? (choose 3) - CORRECT ANSWER 1. Asset Groups
2. IP addressing
3. Asset Tags
What type of scanner appliance (already provisioned within the Qualys Cloud Platform) is ideal for scanning public facing assets? - CORRECT ANSWER External Scanner
Which of the following is NOT a component of a vulnerability scan? - CORRECT ANSWER Host Discovery
Which of the following will have the greatest impact on a half red, half yellow QID? - CORRECT ANSWER Authentication
What is the maximum number of TCP ports that can participate in the Host Discovery process? - CORRECT ANSWER 20
Which of the following items are used to calculate the Business Risk score for a particular asset group? (choose 2) - CORRECT ANSWER Business Impact
Security Risk
In order to successfully perform an authenticated (trusted) scan, you must create a(n): - CORRECT ANSWER Authentication record
Multiple Remediation Policies are evaluated: - CORRECT ANSWER from top to bottom
A search list contains a list of . - CORRECT ANSWER QIDs
Dynamic Asset Tags are updated every time you. - CORRECT ANSWER Run a scan
As a Manager in Qualys, which activities can be scheduled? - CORRECT ANSWER Asset Searches
Updates to the KnowledgeBase
Maps
Reports
Scans
What does it mean when a "pencil" icon is associated with a QID in the Qualys KnowledgeBase? - CORRECT ANSWER The QID has been edited
Which item is not mandatory for launching a vulnerability scan? - CORRECT ANSWER Authentication record
About how many services can Qualys detect via the Service Detection Module? - CORRECT ANSWER 600
By default, the first user added to a new Business Unit becomes a ____________ for that unit. - CORRECT ANSWER Unit manager
In a new Option Profile, which authentication options are enabled by default? - CORRECT ANSWER none
Which of the following vulnerability scanning options requires the use of a "dissolvable agent"? - CORRECT ANSWER Windows Share Enumeration
To produce a scan report that includes the results from a specific scan that occurred at a specific point in time, you should select the _______________ option in the Report Template. - CORRECT ANSWER Host Based Findings
About how many TCP ports are scanned when using Standard Scan option? - CORRECT ANSWER 1900
Asset Groups and Asset Tags can be used to effectively customize or fine tune - CORRECT ANSWER Reports
Vulnerability Scans
Remediation Policies
What is required in order for Qualys to generate remediation tickets? - CORRECT ANSWER Scan Results need to be processed by Qualys
A Policy needs to be created
Before you can scan an IP address for vulnerabilities, the IP address must first be added to the. - CORRECT ANSWER Hosts assets tab
What is the 6-step lifecycle of Qualys Vulnerability Management? - CORRECT ANSWER Discover, Organize Assets, Assess, Report, Remediate, Verify
Which of the following components are included in the raw scan results, assuming you do not apply a Search List to your Option Profile? - CORRECT ANSWER Potential Vulnerabilities
Information Gathered
Vulnerabilities
Which of the following types of items can be found in the Qualys KnowledgeBase? - CORRECT ANSWER Potential Vulnerabilities
Configuration data (Information Gathered)
Confirmed Vulnerabilities
Which three features of the Vulnerability Management application can be customized using a KnowledgeBase "Search List"? - CORRECT ANSWER Report Templates
Remediation Policies
Option Profiles
What type of Search List adds new QIDs to the list when the Qualys KnowledgeBase is updated? - CORRECT ANSWER Dynamic
When a host is removed from your subscription, the Host Based Findings for that host are. - CORRECT ANSWER Purged [Show Less]