Final Test Question
Final Test Question
1. Which of the following tasks are performed by a Qualys patch job? (choose 2) Choose all that
apply:
2. After Qualys Cloud Agent has been successfully installed on a target host, which of the
following “Patch Management” setup steps must be completed, before host patch
assessments can begin? (choose 3) Choose all that apply:
3. By default, which of the following factors are used by the VMDR Prioritization Report, to
prioritize vulnerabilities? (choose 3) Choose all that apply:
Vulnerability Age
Attack Surface
4. What does it mean, when a patch is displayed with a “key-shaped” symbol? Choose an
answer:
5. Qualys Cloud Connector will allow you to enumerate host instances and collect useful
metadata from which of the following cloud platforms? (choose 3) Choose all that apply:
Amazon AWS
Microsoft Azure
6. When a Qualys Scanner Appliance is used for data collection, which of the following guidelines
will help to reduce the number of “unidentified” assets appearing in Asset Inventory? Choose
all that apply:
8. Qualys Cloud Agents can be downloaded and installed from which of the following places?
(choose 2) Choose all that apply:
9. Which “Active Threat” category includes attacks that require little skill and do not require
additional information? Choose an answer:
Easy Exploit
10. The “sniffing” interface of a Qualys Passive Sensor, is designed to connect to what type of
network devices? (choose 2) Choose all that apply:
TAP
Switch Port Analyzer (SPAN) is switch specific tool that copies Ethernet frames passing through switch
ports and send these frames out to specific port. Switch itself doesn’t analyze these copied frames, it
send frames out of specific port to network analyzer. A Network analyzer may be purpose build hardware
appliance or an application running on the host. The analysis of these frames are done to troubleshoot
network. Sometimes frame analysis is also done to dig out contents of frame to find any malicious
content hidden inside the frame.
11. Which of the following identifies the correct order of the VMDR Lifecycle phases? Choose an
answer:
12. Which of the following statements about Qualys Patch Management’s “patch sources” is
false? Choose an answer:
13. If Qualys Passive Sensor discovers an asset that is not managed within your Qualys account, it
is placed in the ____________ section of the Asset Inventory application. Choose an answer:
Unmanaged
14. Which type of Dashboard Widget can be configured to change color, as its tracked data
reaches specific conditions or threshold levels? Choose an answer:
count
15. From the PATCHES section in the Patch Management application, which query produces a list
of “uninstallable” patches? Choose an answer:
isRollback:true
16. Which csam, provides the Real-Time Threat Indicators (RTIs) used in the VMDR Prioritization
Report? Choose an answer:
Threat Protection
17. By default, If you attempt to install Qualys Cloud Agent from the VMDR “Welcome” page,
what Activation Key will be used? Choose an answer:
18. Which “Active Threat” category includes vulnerabilities that are actively attacked and have no
patch available? Choose an answer:
Zero Day
19. Qualys provides virtual scanner appliances for which of the following cloud platforms?
(choose 3) Choose all that apply:
Amazon AWS
Microsoft Azure
20. Which of the following tasks are performed by a patch assessment scan? (choose 2) Choose all
that apply:
21. The Qualys Asset Inventory application distinguishes your asset inventory using which of the
following categories? (choose 3) Choose all that apply:
Hardware
Operating System
Software
22. **Which Qualys sensors collect the type of data needed to perform vulnerability
assessments? (choose 2) Choose all that apply:
Scanner Appliance
Passive Sensor
23. Which Qualys application module is NOT included in the Default VMDR Activation Key?
Choose an answer:
24. Which Asset Tag rule engine, will allow you to label or tag assets, using hardware, software,
and OS categories? Choose an answer:
Asset Inventory
25. In the Qualys Asset Inventory application, if adequate data exists (for Qualys to properly
categorize an asset’s hardware or OS), but they have yet to be added to the asset catalog, they
will potentially be listed as __________ . Choose an answer:
Unknown
26. Which of the following frequencies, can be used to schedule a Patch Deployment Job? (choose
3) Choose all that apply:
Weekly
Monthly
Daily
27. Which phase of the VMDR Lifecycle is addressed by Qualys Patch Management (PM)? Choose
an answer:
Response
28. Presently, you can add up to _____ patches to a single job. Choose an answer:
**2000
29. Which Qualys technology provides a patch download cache, to achieve a more efficient
distribution of downloaded patches, to local agent host assets? Choose an answer:
Asset Tag
Asset Name
In the patch report template, which evaluation provides the most accurate
patches that need to be installed?
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(B) Cloud Agent data collection followed by an authenticated scan
(C) Scan job with a custom vulnerability filter
(D) Unauthenticated scan
(E) Cloud Agent scan
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(C) Scan job with a custom vulnerability filter
Identify the vulnerability types excluded by default in the VM/VMDR Dashboard.
Select all that apply.***
(A) Confirmed
(B) Potential
(C) Patched
(D) Information Gathered
(B) Potential
Stale asset and vulnerability data can affect your security risk and business risk
calculations. ***
(A) False
(B) True
(B) True
Adding non-Qualys user's email in the distribution group helps you distribute the
scheduled report to such users. ***
(A) True
(B) False
(A) True
When using host-based findings, which of these needs to be turned on to toggle
the inclusion of Fixed vulnerabilities in the report?***
(A) Trending
(B)
(C)
(D)
(A) Trending
Which finding type allows you to include trending data in your reports?***
Which of the following identifies the correct order of the VMDR Lifecycle phases?
Choose an answer:
Choose an answer:
2000
1250
1750
1500
Which Qualys sensors collect the type of data needed to perform vulnerability assessments? Select
two.
Cloud Connector
Scanner Appliance
Cloud Agent
Question 6 of 30
Which “Active Threat” category includes attacks that require little skill and do not require additional
information?
Choose an answer:
Easy Exploit
Public Exploit
Zero Day
Qualys provides virtual scanner appliances for which of the following cloud platforms? Select three.
Amazon AWS
Rackspace Cloud
Microsoft Azure
Choose an answer:
Premier
Trial
Commercial
Open Source
Which Qualys technology provides a patch download cache, to achieve a more efficient distribution of
downloaded patches, to local agent host assets?
Choose an answer:
Qualys Connector
Which of the following queries will display assets with a Relational Database Management System?
Choose an answer:
software:(category1:Databases / RDBMS)
software:(Databases / RDBMS)
software:(category2:Databases / RDBMS)
software:(category:Databases / RDBMS)
Which of the following conventions can be used to include or assign host assets to a job? Select two.
Business Unit
Asset Name
Asset Tag
Asset Group
In the given question, the two conventions that can be used to include or assign host assets to a job in
Qualys are:
Asset Group: Assets can be grouped together based on common characteristics such as location,
operating system, or application type. ...
Asset Tag: Assets can be tagged with custom attributes, such as business unit or asset name,
making it easier to organize and manage assets within the Qualys platform. ...
Using the “Search” field (found in the VULNERABILITIES section of VMDR), which query will
produce a list of “patchable” vulnerabilities?
Choose an answer:
vulnerabilities.vulnerability.qualysPatchable:TRUE
vulnerabilities.vulnerability.isPatchable:TRUE
vulnerabilities.vulnerability.qualysPatchable:FALSE
vulnerabilities.vulnerability.isPatchable:FALSE
After building a Prioritization Report, you want to monitor the contents of the report on a
regular basis. What will you do?
Choose an answer:
You were unable to search some of your Operating Systems using a lifecycle query. Later, you found
out the reason. The lifecycle stage of the operating system you were searching was:
Choose an answer:
End-of-Life
End-of-Support
Obsolete
General Availability
This means that the operating system is no longer being actively supported or
developed by the manufacturer. It is no longer being updated or receiving security
patches, and it is no longer considered a viable option for new installations. If you were
searching for this operating system using a lifecycle query, it would not have returned
any results because it is no longer considered an active product.
Final answer
I hope I have answered you question and explained it properly.
Thank you & have a nice day!
When creating a patch job, a “Patch Window” set to the __________ option, will allow the Cloud
Agent as much time as it needs to complete the job?
Choose an answer:
None
Full
Unlimited
Complete
After Qualys Cloud Agent has been successfully installed on a target host, which of the following
“Patch Management” setup steps must be completed before host patch assessments can begin?
Select three.
There is enough information, but the data isn’t catalogued in CSAM yet
Qualys could fully fingerprint the OS but it’s not in your subscription
Introduction:
Only those who have been given permission can conduct an action on a certain
resource thanks to the principles in access management.
It signifies that we do not have enough information to identify the hardware, software, or
operating system when something appears in GAV or CSAM as unidentified. If anything
is listed as unknown, it implies Qualys has not assigned a classification to the host, but
we do have sufficient information.
Following are the two different categories of Vulnerabilities that can be found in Qualys
KnowledgeBase:
Choose an answer:
A pre-deployment message appears at the start of a patch job. You have to create a deployment job
for a Windows user wherein he will receive a notification message to the user indicating that a reboot
is required. What communication option will you select?
Choose an answer:
Reboot Message
Reboot Countdown
Supress Reboot
Reboot Request
Your IT team has configured a patch window to run a deployment job within 5 hours. Due to some
reason you were not able to start the patch installation within that window. What status will they
host display?
Choose an answer:
Not Attempted
Timed Out
Retry
Failed
answer everything or leave it for someone who can
This solution was written by a subject matter expert. It's designed to help students like
you learn core concepts.
Answer: Option B
Explanation: A hierarchy filter is a sort of filter that displays hierarchical data in a tree
view that may be expanded. Date and time information, as well as geographical data
such as continents, nations, and cities, are good examples of data that may be utilized
in a hierarchy filter.
Answer: Option D
Explanation: Each user can view the data they have access to thanks to dynamic
dashboards. You can control data visibility using a dynamic dashboard instead of
having to develop a new dashboard for each level of data access, complete with its own
running user and folder.
Answer: Option D
Answer: Option B
Explanation: A dashboard is a visual representation of your whole data set. While it
may be utilized in a variety of ways, its primary goal is to enable quick access to
information, such as KPIs. A dashboard is often shown on its own website and gets
data from a connected database.
Answer: Option D
Question : Which of the following Deployment Job steps will allow you to install
software and run a custom script? Select all that apply. Choose all that apply: A.
Select Assets. B. Select Post-actions. C. Select Pre-Actions. D. Select Patches.
Answer :
A. Select Assets.
D. Select Patches.
To install missing patches on assets, you can create a deployment job. From the
following tabs, you have three choices for creating the deployment job.
1) Jobs. 2) Assets.
1.
Which type of Dashboard Widget can be configured to change color, as its tracked data
reaches specific conditions or threshold levels?
Bar Chart
Table
Count
Pie Chart
1. Bar chart.
A bar chart is a type of graphic data representation where various values are represented by
bars. Bar graphs are frequently used to compare data across time or between several
categories. Use of a conditional formatting rule is one method of configuring a bar chart to
change color as monitored data meets particular circumstances or threshold levels. The
requirements that must be satisfied in order for the bar to change color are laid forth in this
regulation.
Consider a bar chart that shows the quantity of new customer accounts produced each month.
If the number of new accounts is more than or equal to a certain threshold, you may build a
conditional formatting rule that turns the bar's color green
2.
Which of the following frequencies, can be used to schedule a Patch Deployment Job? Select all that
apply.
Weekly
Quarterly
Annually
Daily
By checking the "Repeating Job" box next to the Start Date, you can create scheduled recurring jobs. For
successive runs, the work can be fine-tuned for the start date and time. It is possible to set recurring
tasks to run daily, weekly, or monthly. When enabled, you can set up (deployment and rollback) jobs to
execute right away or at a later time, either once or repeatedly. Create Run-Once and Recurring jobs
using the Patch Management module.
3. Which Qualys application module is NOT include in the Default VMDR Activation Key?
Patch Management
PCI Compliance
Vulnerability Management
PCI Compliance
Cybersecurity asset management is part of the default VMDR activation key. In order to maintain the
security of your system, you may use this to manage and monitor your assets for any potential flaws as
well as to apply security updates and patches. The default VMDR activation key does not contain the PCI
compliance module. The module must be purchased individually. To give visibility into an organization's
IT security and compliance status, Qualys application modules are deployed. They let enterprises to
evaluate the risks to their IT security, find vulnerabilities, and monitor corrective actions. The Qualys
VMDR module is activated using the VMDR Activation key. A vulnerability management, detection, and
response (VMDR) system is based in the cloud. It helps customers quickly find and fix problems by giving
them realtime visibility into their physical and virtual infrastructure. The management and monitoring of
an organization's IT infrastructure's security is done using Qualys application modules. The Qualys
application's VMDR functionality is activated using the VMDR activation key. The Qualys program has a
module called VMDR that aids in the identification, analysis, and correction of vulnerabilities in
virtualized settings.
4. Which Qualys application, provides the Real-Time Threat Indicators (RTIs) used in the VMDR
Prioritization Report?
Patch Management
Asset Inventory
Threat Protection
Vulnerability Management
Vulnerability Management
The Qualys application called Vulnerability Management provides the Real-Time Threat Indicators (RTI)
used in the VMDR Prioritization Report. This program is in charge of looking for and identifying
vulnerabilities in software and systems and informing its users accordingly. Based on data collected by
the Vulnerability Management application, RTI data is used in the VMDR Prioritization Report to help
prioritize vulnerabilities for remediation. This report relies on RTI data, which shows how long it has
been since a vulnerability was originally found, how long it has been since a patch was made available,
how recently the vulnerability has been exploited, and how recently it has been spotted. Based on the
information provided, a risk score is assigned to each vulnerability, and the vulnerabilities with the
highest risk scores receive priority attention. The Qualys Vulnerability Management software makes it
easy for enterprises to quickly identify and patch security holes. Prioritizing the most critical
vulnerabilities in the VMDR Prioritization Report using RTI data can assist in enhancing the overall
vulnerability management process. Apart from Vulnerability Management, Qualys offers Patch
Management, Threat Protection and Asset Inventory. These applications, along with Vulnerability
Management, can provide a comprehensive security solution.
5. The Qualys CSAM application distinguishes your asset inventory using which of the following
categories? Select all that apply.
Software
Hardware
Firmware
Operating System
software
hardware
operating system
The Qualys CyberSecurity Asset Management (CSAM) platform is asset management rethought for the
purposes of security teams. Using Qualys CSAM, organizations are able to continuously inventory their
assets, apply business criticality and threat context, identify security gaps such as unauthorized
software, and respond with proper action to mitigate risk, which ultimately results in a reduction in their
threat debt. Raw sensor data is gathered by the Qualys CyberSecurity Asset Management program,
which adds its own data classification, standardization, and enrichment. For software, operating
systems, hardware and software application assets, Qualys offers Level 1 and 2 categories.
6. Which “Active Threat” category includes attacks that require little skill and do not require additional
information?
Easy Exploit
Public Exploit
Zero Day
public exploit
2000
1250
1750
1500
2000
For agent hosts that are lacking patches, you can build a "Deployment Job". Currently, a single task can
only have 2000 fixes added. Creating jobs from the PATCHES and ASSETS areas of the PM application is
an alternative to the more typical JOBS section, which is where most jobs are built. Consider choosing
patches that have NOT been superseded to remove outdated, unnecessary patches for increased
patching efficiency.
8. Which Qualys technology provides a patch download cache, to achieve a more efficient distribution of
Step-by-Step explanation
Qualys is a security organization that provides clients with security services for their network devices.
Qualys gateway server can be defined as a gateway that passes through it the network traffic of the
agents. This makes it more efficient in distribution as it reduces work needed to be performed by the
clients.
Qualys passive sensor is used to detect any unusual activity in the network traffic. Qualys scanner
appliance is used to scan networks.
Wua
9. Using the “Search” field (found in the VULNERABILITIES section of VMDR), which query will produce a
list of “patchable” vulnerabilities?
vulnerabilities.vulnerability.qualysPatchable:TRUE
vulnerabilities.vulnerability.isPatchable:TRUE
vulnerabilities.vulnerability.qualysPatchable:FALSE
vulnerabilities.vulnerability.isPatchable:FALSE
The "Search" field (found in the VULNERABILITIES section of VMDR) is the easiest way to find
vulnerabilities, but it doesn't always produce a comprehensive list of all vulnerabilities. To find all
patchable vulnerabilities, you can use a query like:
[vulnerabilities.vulnerability.qualys Patchable:TRUE]
Step-by-Step explanation
Using the "Search" field (found in the VULNERABILITIES section of VMDR), we can find a list of
"patchable" vulnerabilities by searching for "patchable". This will produce a list of vulnerabilities.
The first vulnerability listed is CVE-2019-1653, which is a vulnerability that has been patched.
We can use the "isPatchable" field to see whether or not this vulnerability is patched by looking at the
patch status for this vulnerability. If this vulnerability has been patched, then it will be listed as TRUE;
otherwise, it would be FALSE
10. Which of the following queries will display assets with a Relational Database Management System?
software:(category1:Databases / RDBMS)
(category2:Databases / RDBMS)
software:(category:Databases / RDBMS)
Software:(category:Database/RDBMS)
(ADMINISTRATIVE SYSTEMS) Database/RDBMS queries will return assets that are stored in a relational
database management system.
A database's principal function is to store data. A relational database is made up of numerous tables
that hold information about various areas of the company's activities. One table, for example, could be
used to track inventory levels in each of your businesses, while another database could be used to track
client details. Both of these tables are in the same database because they have one thing in common:
the data they store is related to one another.
A relational database management system (RDBMS) allows a company to store and retrieve data from
various sources at the same time, making it easier for businesses with vast amounts of data to search
through them quickly and efficiently. This is especially helpful when searching for information in current
databases or constructing new ones based on existing ones.
11. By default, which of the following factors are used by the VMDR Prioritization Report, to prioritize
Vulnerability age
Compliance Posture
Attack Surface
Step-by-Step explanation
As the VMDR Prioritization Report prioritizes vulnerabilities, these are the factors used to determine
which vulnerabilities are given highest priority:
vulnerability age and real time threat indicators. A vulnerability's age is determined by when it was last
updated with a fix, according to Microsoft's lifecycle policy. When a new one has not been fixed in over
180 days, it is considered expired and will be ranked lower than one that has been updated within this
timeframe. Real time threat indicators answer questions such as "what kinds of attacks does this
particular vulnerability allow?" This information can help a priority analysis differentiate between
vulnerabilities that pose different levels of risk.
In addition, the Compliance Posture field in the VMDR Prioritization Report allows for a more fine-
grained prioritization of vulnerabilities based on how they are actually used. Some vulnerabilities such as
those found in software that is deployed in the enterprise may represent an imminent threat to systems
and intellectual property. Others may be used by attackers to bypass security defenses or lay the
foundation for future attacks. Finally, the Attack Surface field provides information about the number of
systems exposed to attacks using a given vulnerability.
This can be particularly useful in prioritizing vulnerabilities in software that is widely deployed, such as
Microsoft Office or Internet Explorer. The purpose of assigning scores based upon factors such as
exposure, security weakness and attack surface is to establish a relative ranking of vulnerabilities
according to their overall risk
12 Which “Active Threat” category includes vulnerabilities that are actively attacked and have no patch
available?
Easy Exploit
Malware
Exploit Kit
Zero Day
Zero Day
Step-by-Step explanation
A vulnerability in a system or device that has been publicly published but has not yet been fixed is
known as a zeroday vulnerability. A zero-day exploit is an exploit that targets a zero-day vulnerability.
Zero-day vulnerabilities are more dangerous for users since they were found before security researchers
and software developers were aware of them and before they could provide a fix.
Targeted assaults frequently leverage zero-day vulnerabilities, while many campaigns still make use of
older flaws. Since the seller or developer has only become aware of the flaw, they have zero days to
remedy it, hence the term zero-day. When hackers take advantage of the vulnerability before
developers have a chance to fix it, it is known as a zero-day assault. Zero-day is sometimes known as 0-
day.
13. Which of the following conventions can be used to include or assign host assets to a job? Select all
that apply.
Business Unit
Asset Name
Asset Tag
Asset Group
Asset Tag.
Step-by-Step explanation
In Microsoft Word, you can simply type the asset name to insert it into your document. When you do
so, a blue icon appears in the margin of your document that allows you to easily move assets around
later. The Asset Name convention is used in MS Word when text references an asset directly and when
the name of an asset is included as a link. This convention can also be used for assets with numerical
tags or names that are too long to fit on one line.
In Microsoft Excel, you can simply type the asset name to insert it into your document. When you do so,
a blue icon appears in the margin of your document that allows you to easily move assets around later.
The Asset Name convention is used in MS Excel when text references an asset directly and when the
name of an asset is included as a link. This convention can also be used for assets with numerical tags or
names that are too long to fit on one line. In SharePoint, you can use a document library to store the
asset. When you do so, the new library automatically includes an asset named Tarex. The Asset Tag
convention is used in SharePoint when text references an asset directly and when the name of an asset
is included as a link.
14. Qualys categorizes your software inventory by which of the following license types? Select all that
apply.
Premier
Trial
Commercia
Open Source
Open Source"
Step-by-Step explanation
Free software, which can be used, modified, and distributed without cost is called open source software.
In contrast to proprietary software, also known as software that is owned by a single company or
person, open source software is typically developed through a collaborative effort by a community of
software developers. This signifies that anyone can contribute to the development of open source
software, and that anyone can use it for any purpose. Contributions can be made through GitHub, which
is a public code repository.
Using software with an open source licence comes with a number of advantages. To start, it is typically
more costeffective than purchasing proprietary software. This is due to the fact that open-source
software does not charge users to use or distribute it, and since it is frequently developed by volunteers,
users do not have to pay for the software's development. Because it is created by a community of
developers rather than a single company, open source software is typically more reliable and secure
than proprietary software. This is because the code is constantly being tested and improved upon by the
community.
There are also some disadvantages associated with using open-source software. For instance, due to the
fact that anybody can participate in the creation of open source software, there is no assurance that the
code will be of a particularly high standard. In addition, because there is no centralised authority
overseeing the development and distribution of open source software, it can be challenging to install
and configure the software.
15. You are in the process of inducting new employees on the Global AssetView application. In your
presentation you have to add the features of this application. Which features from the below mentioned
list will you include? Select all that apply.
Step-by-Step explanation
The Global AssetView application is a powerful tool that can help organizations keep track of their IT
assets.
This application can categorize and normalize hardware and software information, allowing users to
more easily track and manage unauthorized software.
Additionally, the Asset Criticality Score feature can help organizations prioritize and manage their assets
more effectively.
Finally, the discovery and inventory features of Global Asset View can help organizations keep track of
all of their IT assets, making it easier to manage and maintain them.
16. You have been asked to create a “Zero-Touch” patch deployment job. You have
already scheduled this job to run once a week. What additional requirement must be
met?
Categorized and normalized hardware and software information Ability to define and track unauthorized
software
You have been asked to create a “Zero-Touch” patch deployment job. You have already scheduled this
job to run once a week. What additional requirement must be met?
Select patches using Asset Tags Defer patch selection to a later time Automate patch selection using
QQL
Step-by-Step explanation
Advantages:
By updating the windows you will receive the latest release by the vendor and many bugs will be fixed as
soon you update the operating system.
Some new security features will also be added as according to the viruses that trend in market.
Auto updates also help the system to prevent the human manual task of installing the updates to the
system.
Automatic updates will run the Operating System to perform well, because last bugs will be fixed and no
more logical errors will be executed.
Without updating the system the system may not a except the Select patches manually
17. Once you establish your priority option you can generate your Prioritization Report. By default this
report
Patches
Threat Feeds
Vulnerabilities
Assets
All assets that fit your priority settings will be listed in the default Prioritization Report.
The study can help you determine which assets are most crucial to your company and establish priorities
accordingly. The report can be altered to incorporate other details like asset value, risk score, and other
metrics. This might assist you in further prioritizing your assets and determining which ones to
concentrate on first.
3. Decide the alternatives of highest priority you want to include in the report
18. Once you establish your priority option you can generate your Prioritization Report. By default this
report will produce a list of _________ that match your priority options.
Step-by-Step explanation
You can automatically identify the vulnerabilities that pose a material risk to your company and business
with the VMDR Prioritization report. In order to focus on the vulnerabilities that pose the greatest risk, it
correlates vulnerability information with threat intelligence and asset context.
The "Predicted High Risk" indication employs machine learning models to highlight vulnerabilities most
likely to become material risks, enabling many degrees of prioritizing. Indicators like Exploit, Actively
Attacked, and Wormable bubble up current vulnerabilities that pose risk.
19. After Qualys Cloud Agent has been successfully installed on a target host, which of
the following “Patch Management” setup steps must be completed, before host patch
assessments can begin? Select all that apply.
Create Dashboard widgets for all the contents of the report Export the report to dashboard and create a
dynamic widget Schedule a report to run on a regular basis Run a report every time it is needed After
Qualys Cloud Agent has been successfully installed on a target host, which of the following “Patch
Management” setup steps must be completed, before host patch assessments can begin? Select all that
apply.
Step-by-Step explanation
Assign the enabled PM Assessment Profile to the target agent host. Create a "Assessment Profile"
before assigning target agents to PM jobs
20. You have to prioritize the vulnerabilities by age before you go ahead and generate a Prioritization
Report. When you are prioritizing vulnerabilities by age, you have the options of: Select all that apply.
Before you go ahead and generate a prioritization, you need to prioritize the vulnerabilities by age.
If there's no way for you to know how old your vulnerable product is, it would be unwise to make an
assumption. You should instead ask them how old their product is and then work backward from that
date.
For example, if someone says their product was built in 2010, then they are probably too young to be
prioritized. The same applies if they say it was built in 2040—you don't want to prioritize vulnerabilities
based on dates!
Step-by-Step explanation
The best way would be to create a list of all the vulnerabilities, then prioritize them as per their
importance, and then identify which ones need immediate attention.
When prioritizing vulnerabilities, you have to start with the ones that are most likely to be exploited by
hackers. If a hacker has access to your data, they can use it for their own purposes. To limit the damage
a hacker can do, you need to prioritize vulnerabilities by age.
You'll find that older vulnerabilities are more likely to have been exploited, so you should focus on them
first.
The vulnerability that you prioritize is the one that is most likely to affect your business or company's
operations, and it needs to be addressed first. If you don't address it, then other vulnerabilities will
come up and affect your business instead of this one
There is enough information, but the data isn’t catalogued in CSAM yet
Qualys could fully fingerprint the OS but it’s not in your subscription
CSAM will collect information about the operating system and hardware of all machines that it scans.
This information is used to determine which data you can use in your subscription plan, as well as how
to prioritize the data.
Information gathered from a machine's operating system and hardware is stored in the CSAM database
and catalogued according to the type of machine it is. For example, if a machine has an identified
Windows operating system, that information will be catalogued under "Windows." If it has an unknown
OS (i.e., one we don't have enough information about), that information will be catalogued under
"Unknown." If it has neither an identified OS nor an unknown OS, then it will be catalogued under
"Unidentified."
Step-by-Step explanation
According to the Qualys Security Assessment Market Share Report, there are more than 300 million
devices on the internet today. Of those devices, only half of them have been fully fingerprinted by
Qualys.
22. You were unable to search some of your Operating Systems using a lifecycle query. Later, you found
out
the reason. The lifecycle stage of the operating system you were searching was:
End of life
End of support
Obsolete
General Availability
End of support
Step-by-Step explanation
Answer
End of support
Some operating systems are no longer supported, which is why you were unable to search for them. End
of support denotes the point at which the product's creator will no longer get security updates or
assistance. The product is no longer made, hence it is obsolete.
You can perform a search for the following operating systems to find out which ones are no longer
supported:
All operating systems that are no longer supported will be returned by this query
23
Which of the following conditions must be met, in order for Qualys Patch Management to successfully
patcha discovered vulnerability? Select all that apply.
The vulnerability must be patchable You have to run a patch job on a regular basis. Which of the
following will you follow in order to make your work efficient? Select all that apply.
Selected answers:
Step-by-Step explanation
Selected answers:
Explanation of each:
This indicates that Qualys should confirm and validate the vulnerability.
The vulnerability must be patchable:
24. You have to run a patch job on a regular basis. Which of the following will you follow
in order to make your work efficient? Select all that apply.
Use Asset Tags as targets for patch deployment jobs Use the dashboard to
monitor
Schedule patch job on a monthly basis
Once test deployments are verified
Once test deployments are verified Clone the deployment job and include production asset tags
25 The Threat Feed leverages data from multiple sources. Which of the following sources are used?
Select all that apply.
Other Sources
Exploit Sources
Malware Sources
The other sources may be used, but are not specifically mentioned.
Step-by-Step explanation
Exploit sources are websites that provide relevant data about exploits, which are malicious programs or
code that can
be used to take advantage of a security problem. Exploit sources can be used to discover newly
discovered
intended to cause damage to systems or render them inoperable. Researchers can use malware sources
to discover
new malware and obtain knowledge about how to defend themselves against it.
The Qualys Threat and Malware Research Team is comprised of a group of highly trained security
professionals who
do research on emerging dangers and vulnerabilities in order to devise countermeasures. On its website,
the team
shares information about the most recent dangers and offers advice on how to stay safe from them
26. You have deployed several thousand Qualys Cloud Agents, and now you would like to conserve
network bandwidth by allowing your agents to store and share their downloaded patches (from a
central location). Which Qualys technology is the best fit to solve this challenge?
The answer is
Step-by-Step explanation
The Qualys Cloud Connector is designed to allow Qualys Cloud Agents to store and share downloaded
patches from a central location. This can help conserve network bandwidth and reduce the need for
multiple downloads of the same patches.
Qualys Passive Sensor and Qualys Gateway Server are not designed to allow Qualys Cloud Agents to
store and share downloaded patches from a central location. Qualys Scanner Appliance is designed to
allow Qualys Cloud Agents to scan for vulnerabilities, but not to store and share downloaded patches
27.
You have to analyse the threat intelligence information provided by Qualys Threat and Malware Labs.
The information will be found under the "Threat Feed" tab on the "Prioritization" page. This is the most
likely location for such information, as it is specifically designed to provide users with information on
malware threats
28. Your colleague has just completed the following steps to setup your Qualys account for patching:
4. Assigned all hosts to an enabled Assessment Profile. Although Deployment Jobs have been created
and enabled, patches are not getting installed. What step did your colleague miss?
Targeted assets must be configured to consume a patching license Targeted assets must be labelled with
the ""Patchable"" Asset Tag Targeted assets must be added to the ""Patch Management"" Asset Group
If you don't set up a patch management group, your agents won't be able to complete their patching
obligations.
When patches are distributed and applied, this is referred to as patch management. Software problems
(also known as "vulnerabilities" or "bugs") are frequently fixed with patches.
Operating systems, applications, and embedded devices are all common candidates for patching (like
network equipment). When a flaw in a piece of software is discovered after it has been released, a patch
can be applied to remedy the situation. By doing this, you can protect your environment's assets from
being exploited.
29. A pre-deployment message appears at the start of a patch job. You have to create a deployment job
for a Windows user wherein he will receive a notification message to the user indicating that a reboot is
required. What communication option will you select?
Reboot message
Reboot Countdown
Supress Reboot
Reboot Request
Reboot Countdown
The Reboot Countdown option will send a notification message to the user indicating that a reboot is
required, and will provide a countdown timer until the reboot is scheduled to occur. This option will
allow the user to save their work and close any applications before the reboot occurs
30. Your IT team has configured a patch window to run a deployment job within 5 hours. Due to some
reason you were not able to start the patch installation within that window. What status will they host
display?
Not attempted
Timed out
Retry
Failed
Failed
If the deployment job is unable to be finished within the allotted time frame of five hours, the status of
the patch installation will be changed to unsuccessful. If the patch installation is not started within the
allotted time window of five hours, the status will become invalid
1)Which Qualys application, provides the Real-Time
Prioritization Report?
Patch Management
Asset Inventory
Threat Protection
Vulnerability Management
response
Choose an answer:
Unknown
Unidentified
Unavailable
Uncertain
Anser Unknow
apply.
Passive Sensor
Cloud Connector
Scanner Appliance
Cloud Agent
5) Qualys provides virtual scanner appliances for which of the following cloud
platforms? Select all that apply.
Amazon AWS
Rackspace Cloud
Microsoft Azure
Choose an answer:
Qualys Connector
Select Assets
Select Post-actions
Select Pre-Actions
Select Patches
“key-shaped” symbol?
Choose an answer:
patches.
Agent.
Choose an answer:
vulnerabilities.vulnerability.qualysPatchable:TRUE
vulnerabilities.vulnerability.isPatchable:TRUE
vulnerabilities.vulnerability.qualysPatchable:FALSE
vulnerabilities.vulnerability.isPatchable:FALSE
Choose an answer:
Malware
Zero Day
Exploit Kit
enabled
installed in ServiceNow
Management license
Choose an answer:
software:(category1:Databases / RDBMS)
software:(Databases / RDBMS)
software:(category2:Databases / RDBMS)
software:(category:Databases / RDBMS)
13) Once you establish your priority option you can generate your
Prioritization Report. By default this report will produce a list of _________ that
Choose an answer:
This study source was downloaded by 100000863741089 from CourseHero.com on 03-14-2023 05:43:06
GMT -05:00
https://www.coursehero.com/documents/171944769/VMDR-exam20docx/
Patches
Threat Feeds
Vulnerabilities
Assets
14) To consume a patching license, one or more host ________ ________ must
Choose an answer:
Business Units
Asset Tags
Asset Names
Asset Groups
15) When creating a patch job, a "Patch Window" set to the __________
option, will allow the Cloud Agent as much time as it needs to complete the
job.
(A) Complete
(B) Unlimited
(C) None
(D) Full
(B) Unlimited
Choose an answer:
report
widget
17) You were unable to search some of your Operating Systems using a
lifecycle query. Later, you found out the reason. The lifecycle stage of the
Choose an answer:
End-of-Life
End-of-Support
General Availability
18) You are in the process of inducting new employees on the Global Asset
View application. In your presentation you have to add the features of this
application. Which features from the below mentioned list will you include?
19) You have been asked to create a “Zero-Touch” patch deployment job.
You have already scheduled this job to run once a week. What additional
Choose an answer:
20) You have deployed several thousand Qualys Cloud Agents, and now
store and share their downloaded patches (from a central location). Which
Choose an answer:
21) Your IT team has configured a patch window to run a deployment job
within 5 hours. Due to some reason you were not able to start the patch
installation within that window. What status will they host display?
Choose an answer:
Not Attempted
Timed Out
Retry
Failed
22) Which of the following conditions must be met, in order for Qualys
that apply.
Choose all that apply:
have to create a deployment job for a Windows user wherein he will receive a
Choose an answer:
Reboot Message
Reboot Countdown
Supress Reboot
Reboot Request
24) You have to run a patch job on a regular basis. Which of the following
will you follow in order to make your work efficient? Select all that apply.
This study source was downloaded by 100000863741089 from CourseHero.com on 03-14-2023 05:43:06
GMT -05:00
https://www.coursehero.com/documents/171944769/VMDR-exam20docx/
Once test deployments are verified, clone the deployment job and include
25) The Threat Feed leverages data from multiple sources. Which of the
Other Sources
Exploit Sources
Malware Sources
Qualys Threat and Malware Labs. Where will you find this information?
Choose an answer:
27) Your colleague has just completed the following steps to setup your
Qualys account for patching: 1. Installed Qualys Cloud Agent on target hosts.
Jobs have been created and enabled, patches are not getting installed. What
Choose an answer:
Group
apply.
Weekly
Quarterly
Annually
Daily
that apply.
Vulnerability Age
Compliance Posture
Attack Surface
Premier
Trial
Commercial
Open Source
vulnerabilities by age, you have the options of: Select all that apply.
Vulnerability Age
Detection Age
Priority Age
Installation Age
36) In CSAM, the term “unidentified” means: Select all that apply.
OS/hardware/software
There is enough information, but the data isn’t catalogued in CSAM yet
Qualys could fully fingerprint the OS but it’s not in your subscription
Which of these is a reason for using a Patch Management solution?
Not studied (35)
Select these 35
Which of these sensors does Qualys use to deploy patches?
(A) it can install the operating system and third-party application patches
(B) it can install third-party application patches only
(C) it can install operating system patches only
(A) it can install the operating system and third-party application patches
Which of these is used by Qualys Patch Management to deploy patches?
(A) Governance
(B) Vulnerability & Config Assessment
(C) Threat Risk and Prioritization
(D) Asset Inventory
(E) Patch Management
(A) Governance
Which of these can be used as a local repository to download patches?
(A) 8 hours
(B) 6 hours
(C) 4 hours
(D) 24 hours
(C) 4 hours
Which of these is true about the patch catalog?
(A) hostnames
(B) IP addresses
(C) asset tags
(D) asset groups
(C) asset tags
You want to change the default assessment duration for missing patches? Which of the
following will you perform?
(A) 2048 MB
(B) 1024 MB
(C) 512 MB
(D) 256 MB
(A) 2048 MB
PM Work Flow
Step 1: Install Cloud Agent on the target host
Step 2: Assign target agent host to a CA Configuration Profile that has PM enabled
Step 3: Assign PM license to the host
Step 4: Configure patch deployment job
Which of these is true?
(A) patch deployment jobs cannot be scheduled; they must run on-demand
(B) patch deployment jobs can be scheduled for a future date
(B) patch deployment jobs can be scheduled for a future date
Which of these is true about patch deployment jobs?
(A) to have the agent download the patch before the scheduled job begins
(B) to have the agent download the patch after the scheduled job begins
(A) to have the agent download the patch before the scheduled job begins
Which of these would you use to identify patchable applications that introduce the most
number of vulnerabilities in your subscription?
(A) EDR
(B) PM
(C) VMDR
(D) Vm
(B) PM
(C) VMDR
(D) Vm
VMDR Prioritization Report helps you to:
(A) Download patches from Vendor Global CDNs
(B) Create tickets for high-risk vulnerabilities
(C) Identify patches required to fix high-risk vulnerabilities
(D) Identify vulnerabilities that pose the maximum risk to your business
(E) Run scans to identify high-risk vulnerabilities
(C) Identify patches required to fix high-risk vulnerabilities
(D) Identify vulnerabilities that pose the maximum risk to your business
Which query would you use to identify vulnerabilities that can be patched by Qualys
Patch Management?
(A)vulnerabilities.vulnerability.qualysPatchable:TRUE
(B)Patchable.vulnerabilities.qualys:FALSE
(C)vulnerabilities.vulnerability.qualysPatchable:FALSE
(D)Patchable.vulnerabilities.qualys:TRUE
(A)vulnerabilities.vulnerability.qualysPatchable:TRUE
Which of these is true?
(A) Correct
(B) Incorrect
(A) Correct
Zero Touch Patching helps: (Select two)
(A) To update endpoints and servers proactively as soon as patches are available
(B) Automatically create tickets for missing patches
(C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs)
(D)Runs security scans after every four hours
(E) Automatically export patch information
(A) To update endpoints and servers proactively as soon as patches are available
(C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs)
Which query will list patches that Qualys can uninstall?
(A) a zero-touch patch job can only be scheduled for a future date
(B) a zero-touch patch job automatically includes required patches using a QQL query
(C) you can manually select patches to include in the zero-touch patch job
(B) a zero-touch patch job automatically includes required patches using a QQL query
Which of the following statements about uninstalling patches is true?
Which phase of the VMDR Lifecycle is addressed by Qualys Patch Management (PM)?
Choose an answer:
Vulnerability Management
Response
Asset Management
Qualys Virtual Passive Scanning Sensors (for discovery), Qualys Virtual Scanners, Qualys Cloud Agents,
Qualys Container Sensors, and Qualys Virtual Cloud Agent Gateway Sensors for bandwidth optimization
are all included with VMDR in a UNLIMITED amount.
• Analysis: Examining the outcomes of scans to identify the vulnerabilities that present the most danger
In order to solve the remediation part of the VMDR lifecycle, Qualys Patch Management (PM) was
created. By determining which systems require patches, downloading and applying the necessary
patches, and then reporting on the status of all systems' patching, PM automates the process of
patching systems.
Which of the following frequencies, can be used to schedule a Patch Deployment Job? Select
Weekly
Quarterly
Annually
Daily
It is possible to schedule deployment jobs to run on demand, and recurring jobs can be used repeatedly
on a daily, weekly, or monthly basis. The job will be recorded as timed out if the installation of a patch
does not start within the specified patch window.
When deciding whether to schedule or conduct a deployment job on demand, there are a few factors to
take into account. First, think about how significant the deployment is. It may be ideal to plan the
deployment for a crucial security patch to run when there will be the least amount of user effect. In
contrast, it might be preferable to do the deployment on demand if it's for a much-anticipated new
feature that users will utilize right away.
The magnitude of the deployment is another factor to take into account. It may be ideal to plan a major
deployment so that it can be finished during off-peak hours. Users' effects will be lessened as a result,
and the deployment team will have more time to troubleshoot any problems.
You must choose how frequently to conduct a deployment after deciding to schedule it. A deployment
can be run on a daily, weekly, or monthly basis using recurring jobs. The recurring job's frequency ought
to be determined by how frequently the underlying code is updated. For instance, the deployment
should take place every day if the code is changed every day. On the other side, the deployment can be
carried out each week if the code is updated each week.
Which Qualys sensors collect the type of data needed to perform vulnerability
Passive Sensor
Cloud Connector
Scanner Appliance
Cloud Agent
One class of sensor that Qualys offers to gather security and compliance information is scanner
appliances. Depending on how your subscription is set up, appliances can be used to conduct
compliance and vulnerability scans.
You must choose the appliance scanner type that best suits your demands because each type has
advantages and disadvantages of its own. For enterprises with on-site data centers, physical scanners
work best, but virtual scanners work better with cloud-based architecture.
You must install the appliance scanner you've chosen in your environment after making your choice.
Make sure to carefully follow the instructions provided by Qualys while deploying appliance scanners
because they are very extensive.
The appliance scanner needs to be set up to scan the proper targets after it has been deployed. Once
more, Qualys offers comprehensive setup instructions for appliance scanners.
The appliance scanner will start gathering information about your environment as soon as you've
configured it. Information about compliance problems and vulnerabilities is included in this material.
This information will be used by Qualys to provide reports that you can use to evaluate the security and
compliance posture of your company.
Which “Active Threat” category includes attacks that require little skill and do not require
additional information?
Choose an answer:
Easy Exploit
Public Exploit
Zero Day
A zero day attack is an attack that occurs on the same day that a new software vulnerability is
discovered. attackers can take advantage of this vulnerability before it is patched.
Choose an answer:
The patch is a key requirement for the deployment of other patches.
Answer:
The patch is a key requirement for the deployment of other patches. This means that the patch must be
installed in order for other patches to be deployed successfully. It indicates that the patch is critical for
the overall system, and cannot be uninstalled or bypassed.
The patch with the key-shaped symbol indicates that it is a key requirement for the deployment of other
patches. This means that the patch must be installed in order for other patches to be deployed
successfully. This is because the patch is critical for the overall system. It is essential for the system to
function correctly and efficiently, and it cannot be uninstalled or bypassed.
The patch is a critical component of the system because it ensures that the system is able to maintain its
stability and functionality. Without the patch, other components of the system may not work properly
or may not work at all, resulting in system instability and potential data loss. The patch also guarantees
that the system is secure and up-to-date with the latest security protocols and updates. By installing the
patch, the system is able to stay secure and protected against potential cyber threats, as well as other
malicious activities.
The patch is also important for ensuring that the system functions optimally. The patch contains updates
and fixes that are necessary for the system to run smoothly and efficiently. Without the patch, the
system would be vulnerable to glitches and errors, resulting in slower performance and potential data
loss. Installing the patch helps the system maintain its optimal performance level, and allows it to
continue to run smoothly and reliably.
Finally, the patch ensures that the system is compatible with other software and hardware components.
Without the patch, the system may not be able to recognize certain hardware and software
components. This could lead to conflicts between components, slowing down the system and potentially
resulting in complete system failure. Installing the patch helps the system maintain compatibility with all
components, ensuring that the system is able to recognize and utilize all of its available resources.
In short, the patch with the key-shaped symbol is a critical component of the system. It is essential for
the system to maintain its stability and functionality, as well as its security and optimal performance. It is
also necessary for the system to be compatible with other hardware and software components.
Installing the patch is key to keeping the system secure, stable, and up-to-date with the latest security
protocols and updates.
Overall, the patch with the key-shaped symbol is an important part of the system and cannot be
uninstalled or bypassed. Installing the patch is essential for the system to work properly and efficiently,
and to maintain its optimal performance. Without the patch, the system is vulnerable to errors, data
loss, and potential security risks. Therefore, it is important to make sure that the patch is installed in
order for the system to remain secure, stable, and compatible with all components.
In conclusion, the patch with the key-shaped symbol is a key requirement for the deployment of other
patches. This is because the patch is critical for the overall system, and cannot be uninstalled or
bypassed. The patch ensures that the system is secure, stable, and up-to-date with the latest security
protocols and updates. It is also necessary for the system to be compatible with other hardware and
software components. Ultimately, installing the patch is essential for the system to remain secure,
stable, and optimized.
Which of the following queries will display assets with a Relational Database Management
System?
Choose an answer:
software:(category1:Databases / RDBMS)
software:(Databases / RDBMS)
software:(category2:Databases / RDBMS)
software:(category:Databases / RDBMS)
In a relational database a query is a command used to request information from the database. A query
can be a simple request for data from a single table, or it can be a complex request that joins data from
multiple tables.
Qualys categorizes your software inventory by which of the following license types? Select
Premier
Trial
Commercial
Open Source
Open source licenses are licenses that are typically offered to the public without any fee or other
restrictions. Open source licenses are often used to promote the sharing of software and to allow others
to modify, extend, and improve upon existing code. In many cases, open source licenses also allow users
to redistribute the software and to use it for commercial purposes. Premier licenses are licenses that are
typically offered by vendors to their most trusted customers. These customers may have a long-standing
relationship with the vendor or may have purchased a large number of licenses in the past. Premier
licenses typically offer greater flexibility than other types of licenses, including the ability to customize
the software to meet the customer's specific needs. Additionally, premier licenses may include
additional features that are not available with other types of licenses. Qualys categorizes software
inventory by all of these license types, as each type of license offers distinct advantages that may appeal
to different types of customers. With Qualys, customers can easily evaluate which type of license best
meets their needs, so that they can make an informed decision when purchasing software
Which “Active Threat” category leverages machine learning to determine if presently nonexploitable
vulnerabilities should be prioritized?
Choose an answer:
Malware
Zero Day
Exploit Kit
Answer:
"Easy Exploit" would be the category that includes attacks that require little skill and do not require
additional information.
"Easy Exploit" would be the category that includes attacks that require little skill and do not require
additional information.
An "Active Threat" refers to a specific type of cyber threat that is actively attempting to exploit
vulnerabilities in a computer system or network. There are various categories of active threats based on
the level of difficulty and complexity of the attack.
"Easy Exploit" attacks are typically low-level threats that can be executed with minimal skill or
knowledge. These attacks may involve well-known vulnerabilities or exploits that have been widely
publicized, and may not require any additional information beyond what is readily available online.
"Predicted High Risk" and "Public Exploit" are not valid categories for active threats. "Zero Day" refers to
a previously unknown vulnerability that is being actively exploited, and is not a category for active
threats.
By default, which of the following factors are used by the VMDR Prioritization Report, to
Vulnerability Age
Compliance Posture
Attack Surface
Answer:
Choose an answer:
Qualys Connector
Once you establish your priority option you can generate your Prioritization Report. By
default this report will produce a list of _________ that match your priority options.
Choose an answer:
Patches
Threat Feeds
Vulnerabilities
Assets
To consume a patching license, one or more host ________ ________ must be added to the
Choose an answer:
Business Units
Asset Tags
Asset Names
Asset Groups
You are in the process of inducting new employees on the Global AssetView application. In
your presentation you have to add the features of this application. Which features from the
below mentioned list will you include? Select all that apply.