What does it mean when a “pencil” icon is associated with a QID in the QualysGuard KnowledgeBase?
There is malware associated with the QID A patch is available for the QID
The QID has been edited The QID has a known exploit
Which of the following are components or processes of an asset discovery map? (choose all that apply)
Device Identification Vulnerability Detection Network Discovery Host Discovery
What is the maximum number of service detection tests used by the Service Detection Module?
600 20 13 512
Applications QIDs
Asset Groups Host Assets
Why is it important to set the Business Impact of an Asset Group?
Business Impact illustrates the overall risk of the organization when doing Patch Reporting
There is no reason to set a Business Impact, it is optional and rarely used The default setting is all that is needed, Business Impact doesn't change reports Qualys cannot determine the importance of an asset to an individual organization
To produce a scan report that includes all of the cumulative scan data in your subscription, you should select the _______________ option in the Scan Report Template.
Static
Host Based Findings Scan Based Findings Dynamic
Which item is NOT mandatory for launching a vulnerability scan? Authentication Record
Scanner Appliance Target Hosts
Multiple Remediation Policies are evaluated: In no specific order
From bottom to top From top to bottom
Based on the rule creation date
If a host IP has not been scanned in over 30 days, and the host is in a DHCP environment, what should be done to ensure data integrity?
Map the hosts to ensure they are alive
Keep all scans that are over 6 months old to ensure the data is accurate Purge Host data, to clear vulnerabilities associated with the IP Address Close all remediation tickets as they probably are all fixed now
What are some ways to add security to a user’s account? Require the user answer security questions when logging in
Activate VIP as an added second factor for authenticating to QualysGuard Require passwords to expire after a certain amount of time
Lock accounts after a certain amount of failed login attempts
What is required in order for QualysGuard to generate remediation tickets? (choose all that apply)
A Remediation Report needs to be run
Scan Results need to be processed by QualysGuard A Policy needs to be created
A Map needs to be run
Map results are an excellent source for... (choose all that apply) Adding Hosts to the Approved Hosts list
Building Asset Groups Creating Option Profiles
Adding Hosts to QualysGuard Subscription Making Report Templates
Creating Search Lists
As a Manager in QualysGuard, which activities can be scheduled? Asset Searches
Maps Reports
Updates to the KnowledgeBase Scans
The information contained in a map result can help network administrators to identify _______________ devices. Exploitable Rogue (unapproved) Unpatched Vulnerable
To launch a successful map, you must provide the following information/components. (choose all that apply)
Report Template Option Profile Domain/Netblock Search List
Title
What is the 6-step lifecycle of QualysGuard Vulnerability Management? Mapping, Scanning, Reporting, Remediation, Simplification, Authentication Learning, Listening, Permitting, Forwarding, Marking, Queuing
Discovery, Prioritizing, Assessing, Reporting, Remediating, Verifying Bandwidth, Delay, Reliability, Loading, MTU, Up Time
Which of the following types of items can be found in the QualysGuard KnowledgeBase? (choose all that apply)
Search Lists
Potential Vulnerabilities
Configuration data (Information Gathered) Asset Groups
Vulnerabilities
Search Lists can be applied to which other QualyGuard components? (choose all that apply)
Remediation Policies Report Templates Option Profiles
Authentication Records
Which Vulnerability Detail (found in a Scan Template) identifies the data or information collected and returned by the QualysGuard scanner appliance?
Results Impact Solution Compliance Threat
The Asset Search tab can be used to... (choose all that apply) Find assets in our environment with a specific vulnerability
Construct Search Lists Build Asset Groups Create Report Templates Create Option Profiles
To exclude a specific QID/vulnerability from a vulnerability scan you would: You cannot exclude QID/Vulnerabilities from vulnerability scans.
Ignore the vulnerability from within an integrated workflow report. Disable the QID in the QualysGuard KnowledgeBase.
Place the QID in a saved search list, and exclude that search list within the Vulnerability Detection section of the option profile.
By default, the first user added to a new Business Unit becomes a ____________ for that unit.
Administrator Reader
Unit Manager Contact
Scanner
What purpose do Option Profiles serve?
Option Profiles allow for customization of the entire host discovery, mapping and scanning process as well as customization of several performance options
Option Profiles are not permitted when scanning
Option Profiles are created to enable Report Templates to filter specific QIDs from displaying on reports
Option Profile customization is not required when Authentication is required
What report is provided by Qualys, by default, as a way of finding the most vulnerable hosts in our environment?
Report using a Search List containing Information Gathered QIDs only Most Vulnerable Hosts Report - Scorecard Report
Host Vulnerability Matrix Template Map Report
Which of the following items are used to calculate the Business Risk score for a particular asset group? (choose all that apply)
CVE ID Security Risk Business Impact CVSS Base
About how many TCP ports are scanned when using Standard Scan option? 65535
20 10
1900
What is the maximum number of TCP ports that can participate in the Host Discovery process?
65535 20 10 1900
Which of the following is NOT a component of a vulnerability scan? Device Identification
Host Discovery DNS Brute Force Port Scanning
In order to successfully perform an authenticated (trusted) scan, you must create a(n):
Asset Map Search List Report Template
To produce a scan report that includes the results from a specific scan that occurred at a specific point in time, you should select the _______________ option in the Report Template.
Static
Host Based Findings Scan Based Findings Dynamic
What does the S in the ASLN section of Map Results really mean? Scannable, it means the IP is currently in the subscription
Scanning, the IP is currently being scanned Safe
Scanned, this IP has been scanned in the past
What does the "Import from Library" function do, in the Report Templates tools section of the UI?
Can enable faster Asset Searches
This function has been deprecated
Allows for Qualys users to download commonly used report templates, this saves time because the user doesn't have to develop his/her own Report Template
A half-red/half-yellow QID in the QualysGuard KnowledgeBase will typically appear as a confirmed vulnerability (red) within the scan results, with the inclusion of this scan option.
Authentication
Share Enumeration
Scan Dead Hosts
Authoritative Option
Which of the following components are included in the raw scan results, assuming you do not apply a Search List to your Option Profile? (choose all that apply)
Information Gathered
Option Profile Settings
Vulnerabilities
Host IP
Potential Vulnerabilities
What scanning option allows QualysGuard to get a more accurate reading of the host operating system?
Load Balancer Detection
Scan Dead Hosts
Authoritative Option
Which of the following mapping/scanning options is enabled by default? Perform Live Host Sweep
Ignore all TCP RST packets
Ignore firewall-generated TCP SYN-ACK packets
Ignore firewall-generated TCP RST packets
What type of Search List adds new QIDs to the list when the QualysGuard KnowledgeBase is updated?
Static
Dynamic
Passive
Active
Which of the following vulnerability scanning options requires the use of a “dissolvable agent”?
Windows Share Enumeration
Scan Dead Hosts
UDP port scanning