QUALYS VMDR TRAINING EXAM 2023-2024 ACTUAL EXAM
130 QUESTIONS AND CORRECT DETAILED ANSWERS WITH
RATIONALES (VERIFIED ANSWERS) | AGRADE
About how many services can Qualys detect via the Service Detection
Module? - ANSWER- 600
By default, the first user added to a new Business Unit becomes a
____________ for that unit. - ANSWER- Unit manager
In a new Option Profile, which authentication options are enabled by
default? - ANSWER- none
Which of the following vulnerability scanning options requires the use
of a "dissolvable agent"? - ANSWER- Windows Share Enumeration
To produce a scan report that includes the results from a specific scan
that occurred at a specific point in time, you should select the
_______________ option in the Report Template. - ANSWER- Host
Based Findings
About how many TCP ports are scanned when using Standard Scan
option? - ANSWER- 1900
Asset Groups and Asset Tags can be used to effectively customize or
fine tune - ANSWER- Reports
Vulnerability Scans
Remediation Policies
What is required in order for Qualys to generate remediation tickets? -
ANSWER- Scan Results need to be processed by Qualys
A Policy needs to be created
Before you can scan an IP address for vulnerabilities, the IP address
must first be added to the. - ANSWER- Hosts assets tab
What is the 6-step lifecycle of Qualys Vulnerability Management? -
ANSWER- Discover, Organize Assets, Assess, Report, Remediate,
Verify
Which of the following components are included in the raw scan results,
assuming you do not apply a Search List to your Option Profile? -
ANSWER- Potential Vulnerabilities
Information Gathered
Vulnerabilities
Which of the following types of items can be found in the Qualys
KnowledgeBase? - ANSWER- Potential Vulnerabilities
Configuration data (Information Gathered)
Confirmed Vulnerabilities
Which three features of the Vulnerability Management application can
be customized using a KnowledgeBase "Search List"? - ANSWERReport Templates
Remediation Policies
Option Profiles
What type of Search List adds new QIDs to the list when the Qualys
KnowledgeBase is updated? - ANSWER- Dynamic
When a host is removed from your subscription, the Host Based
Findings for that host are. - ANSWER- Purged
What is a vulnerability - ANSWER- a weakness that cybercriminals can
exploit to gain access to a system
it is estimated that every 1000 lines of code contains one bug, and 25 if
it is not scrutinized.
what is vulnerability management - ANSWER- to proactively detect and
eliminate vulnerabilities to reduce overall security risk and prevent
exposure.
Vulnerability Management (VM) means systematically and continuously
finding and eliminating vulnerabilities in your computer systems
what is the first and most importnt step for laying the foundation of a
successful VM program. - ANSWER- Scoping (asset discovery)
Systems to Identify Inventory
-*Always begin asset scoping with internet-facing assets*
YOU CANNOT PROTECT AND SECURE WHAT YOU DONT
KNOW
This step includes organizing your computer systems according to their
role, to establish an evaluation baseline.
--This starts with directing vulnerability scanners to a certian range of IP
addresses.
how to scan remote users - ANSWER- One way to scan remote users is
to ensure they are connected to your VPN and scanning them over the
tunnel, assuming the network and VPN can handle the traffic.
The better solution is an agent-based approach. Scanning is performed
by a local agent that runs on the host machine and provides the
information necessary to evaluate the security state of the machine, with
little effect on processing, memory, and bandwidth.
Tips for effective VM - ANSWER- Automate as much as possible
-Manual intervention should be limited only to prioritize patches and
negotiate the proper window to apply those patches.
Use VM technology with a solid track record and wide use
Category | Exams and Certifications |
Comments | 0 |
Rating | |
Sales | 0 |