Question
Answered step-by-step

Appreciate urgent action to answer the below Questions related to Qualys Vulnerability Management1-

To enumerate installed software applications on targeted hosts, scans should be performed in __________ mode.

Choose an answer:

Unauthenticated

Authenticated

Authoratative

Verbose

 

2-Why is it beneficial to configure the Business Impact of an Asset Group?

Choose an answer:

It's used to calculate storage space

It's used to calculate Severity Levels.

It's used to calculate CVSS Scores.

It's used to calculate Business Risk

3-You are building an Option Profile that targets "Zero Day" vulnerabilities. Which "Scan" option will allow you to use a "Zero Day" Search List to achieve this objective?

Choose an answer:

Vulnerability Detection

Password Brute Forcing

Additional Certificate Detection

TCP Ports

4-The Service Detection Module can detect over ________ services running on TCP and UDP ports.

Choose an answer:

600

256

512

128

5-Which of the following are components of a Business Unit? (choose 2)

Choose all that apply:

Search Lists

Asset Groups

Policies

Users

Option Profiles

6-Which "Display" option (in a Scan Report Template) identifies the data or evidence collected from a host that produces a specific vulnerability finding?

Choose an answer:

Threat

Solution

Impact

Results

Compliance

7-hat color code is used in the Qualys KnowledgeBase to identify QIDs that exhibit predictable (but different) results in the presence or absence of authentication?

Choose an answer:

Blue

Yellow

Half-Red/Half-Yellow

Red

 

 

8-How often are "Dynamic" Asset Tags updated?

Choose an answer:

Every time new assessment data is collected (scanner or agent)

Every time you search the Qualys KnowledgeBase

Every time you login to your user account.

Every time a report is generated.

9-Which of the following VM reports are created from a Report Template?

Choose all that apply:

Authentication Report

Patch Report

Remediation Report

Scan Report

Map Report

10-Agent data (data collected by a Qualys Agent) is stored as ______ Based Findings.

Choose an answer:

Host

Scan

Client

Server

11-Which of the following best describes a "Dynamic" Search List?

Choose an answer:

Manually updated

Updates can be scheduled regularly

Automatically updated

Updated only upon user request

12-To achieve the most accurate OS detection results, scans should be performed in __________ mode.

Choose an answer:

Verbose

Unauthenticated

Authoratative

Authenticated

13-You have just created a KnowledgeBase Search List. Where can you use or apply it? (choose 3)

Choose all that apply:

In a Remediation Policy

In an Asset Group

In an Option Profile

In a Report Template

In a Business Unit

In an Asset Tag

14-What is the default number of "Host Discovery" TCP ports?

Choose an answer:

13

1900

180

20

15-What are some of the present options for adding security to Qualys user accounts? (choose 3)

Choose all that apply:

Establish an account "lockout" policy for failed login attempts

Enable two-factor authentication

Set high password strength requirements

Restrict access by hostname

 

16-When configuring the "Scan" options in an Option Profile, what port scanning option allows you to target the most typical and commonly used port numbers (i.e., effective coverage without being too excessive)?

Choose an answer:

Full

Complete

Light

Standard

 

17-Which of the following criteria can be used to create dynamic Search List? (choose 3).

Choose all that apply:

IP Address

Host Name

CVE ID

CVSS Score

Severity Level

18-Which of the following are required, to perform an "authenticated" scan that only targets "severity 5" vulnerabilities? (choose all that apply)

Choose all that apply:

Scanner appliance

Target Hosts

Authentication Record

Search List (severity 5 QIDs)

Option Profile

19- One of your "Scanner" users would like to perform a comprehensive scan (occasionally) that targets the maximum number of service ports. Which port scanning option do you recommend?

Choose an answer:

None

Standard Scan

Light Scan

Full

20-While it is highly recommended, which of the following is NOT required to launch a vulnerability scan?

Choose an answer:

Target Hosts

Option Profile

Authentication Record

Scanner Appliance

21-One of your colleagues would like to build a report to display vulnerability findings over the last three months (including trending information)? What do you recommend?

Choose an answer:

Build a scan template with the "All" Asset Group as its target.

Build a scan template that uses Host Based Findings.

Build a scan template that sorts findings by Asset Group

Build a scan template that uses Scan Based Findings

22-Which of the following sensors are presently used by Qualys VM to collect the data needed to perform host vulnerability assessments? (choose 2)

Choose all that apply:

Cloud Agent

Scanner Appliance

Passive Sensor

Cloud Connector

23-Which of the following is the default tracking method used by Qualys Cloud Agents?

Choose an answer:

Qualys Host ID

IP Address

NetBIOS Name

DNS Name

24-What is the name given to a custom list of QIDs taken from the Qualys Knowledgebase?

Choose an answer:

Search List

Asset Group

Authentication Record

Host Assets

25-Select the option below that contains the correct order or sequence of events.

Choose an answer:

1) Add host to subscription, 2) Use host as report source, 3) Scan host

1) Use host as report source, 2) Add host to subscription, 3) Scan host

1) Add host to subscription, 2) Scan host, 3) Use host as report source

1) Scan host, 2) Add host to subscription, 3) Use host as report source

26-Which of the following does not accurately describe a behavior or characteristic of a Remediation Policy?

Choose an answer:

A Remediation policy at the bottom of the list has precedence over the policies above it.

A Remediation policy can be configured to assign detected vulnerabilities to Qualys users.

A Remediation policy can be configured to ignore certain vulnerability QIDs.

Remediation policies contain conditions and actions.

27-Which of the following is never included in the raw scan results?


Choose an answer:

Potential vulnerability findings

Information-gathered (IG) data

List of fixed vulnerabilities

Confirmed vulnerability findings


28-Which of the following tasks can be accomplished using "Asset Search" within the Vulnerability Management application? (choose 3)


Choose all that apply:

Build a Search List

Produce a list of host assets

Create Asset Tag

Edit a list of host assets


29-To produce a "trend" report that covers the last twelve months of vulnerability activity, you should select ______ Based Findings in the Scan Report Template.


Choose all that apply:

Scan

Client

Host

Server 

Answer & Explanation
Verified Solved by verified expert
Rated Helpful
<p>ipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor</p> Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet

Unlock full access to Course Hero

Explore over 16 million step-by-step answers from our library

Subscribe to view answer

itur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus,

, ultrices ac magna. Fusce dui lectus, congue ve

it amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dap

usce dui lectus, congue vel laoree

gue

sum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pe

ctum vitae odio

gue

acinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur

ur laoreet. Nam risus ante, dapibus a

gue

consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequ

iscing elit. Nam l

gue

, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitu

e vel laoreet

gue

o. Donec aliquet. Lorem ipsum dolor sit amet

, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit a

gue

lestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laore

rem ipsum dolor sit amet, consect

gue

a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, d

a molestie consequ

gue

ipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellent

ac, dictum vitae odio. Donec aliquet. Lorem ip

gue

dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lac

icitur laoreet. Nam

gue

or nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie co

Fusce dui lectus

ec facilisis. Pellen

ia pulvinar tortor n

itur laoreet. Nam

gue

e vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem

amet, consectetu

gue

onec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor

o. Done

rem ipsum dolor sit amet, conse

ipsum dolor sit amet, consectetur adipi

, ultrices ac magna. Fusce

gue

e vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dap

ur laoreet. Nam risu

gue

gue

ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing

o. Done

Donec al

onec aliq

gue

consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie

o. Done

acinia pulvi

m ipsum dolor sit ame

gue

ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam ri

m ipsum dolor sit amet, c

gue

sque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce du

, consectetur adipiscing elit

gue

usce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisi

gue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ips

gue

itur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec a

tesque dapi

a. Fusce dui l

dictum vitae od

gue

ipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus effic

e vel laoreet ac, dictum vit

gue

nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a mo

inia pulvinar tortor ne

gue

at, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odi

m ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor ne

gue

ec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices

risus ante, dapibus a molestie consequat, ultrices ac magna. Fus

gue

ce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliqu

s ante, dapibus a molestie consequat, ultri

gue

m ipsum dolor sit amet, consectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitu

o. Done

lestie consequat, u

dictum vitae odio. Donec aliq

amet, consectetu

gue

itur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem i

Fusce dui lectus, con

Step-by-step explanation

fficitur laoreet. Nam risus anto.scing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, co

congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor