Professional Documents
Culture Documents
Qualys Questions
Qualys Questions
The IP is secure
Which of the following types of items can be found in the Qualys KnowledgeBase? (choose
all that apply)
X Potential Vulnerabilities
Asset Groups
Remediation Tickets
X Confirmed Vulnerabilities
The information contained in a map result can help network administrators to identify
_______________ devices.
Rogue (unapproved)
Exploitable
Vulnerable
X Unpatched
X Option Profile
Search List
Report Template
X Domain/Netblock
X Scanner Appliance
By default, the first user added to a new Business Unit becomes a ____________ for that unit.
Reader
Auditor
Administrator
X Unit Manager
Scanner
Host Discovery
OS Detection
Port Scanning
X Business Impact
Which of the following vulnerability scanning options requires the use of a “dissolvable agent”?
Search Lists
Report Templates
X Asset Tags
X Asset Groups
Option Profiles
Multiple Remediation Policies are evaluated:
In no specific order
Which asset tagging rule engine, supports the use of regular expressions?
IP Address in Range(s)
X No Dynamic Rule
Asset Groups and Asset Tags can be used to effectively customize or fine tune … (choose all that
apply)
X Reports
Search Lists
Remediation Policies
X Vulnerability Scans
What scanning option allows Qualys to get a more accurate reading of the host operating system?
Authoritative Option
X Place the QID in a search list, and exclude that search list from within the Option Profile.
Which of the following options can be used to run a map? (choose all that apply)
Vulnerability Detection
X DNS Reconnaissance
Before you can scan an IP address for vulnerabilities, the IP address must first be added to the …
Domains tab
Which of the following items are used to calculate the Business Risk score for a particular asset
group? (choose all that apply)
X Security Risk
CVE ID
CVSS Base
X Business Impact
What is the 6-step lifecycle of Qualys Vulnerability Management?
In order to successfully perform an authenticated (trusted) scan, you must create a(n):
Search List
Asset Map
X Authentication Record
Report Template
Which scorecard report provides the option to set a Business Risk Goal?
What is the maximum number of TCP ports that can participate in the Host Discovery process?
X 20
65535
1900
10
What type of Search List adds new QIDs to the list when the Qualys KnowledgeBase is updated?
Passive
X Dynamic
Static
Active
Which of the following will have the greatest impact on a half red, half yellow QID?
Share Enumeration
X Authentication
Authoritative Option
Run a report
X Run a scan
Run a map
Unix
All
X None
Windows
What does it mean when a “pencil” icon is associated with a QID in the Qualys KnowledgeBase?
Which Vulnerability Detail (found in a Scan Template) identifies the data or information collected
and returned by the Qualys Scanner Appliance?
Impact
Compliance
X Results
Solution
Threat
Which of the following components are included in the raw scan results, assuming you do not
apply a Search List to your Option Profile? (choose all that apply)
X Vulnerabilities
X Information Gathered
X Potential Vulnerabilities
X Host IP
When a host is removed from your subscription, the Host Based Findings for that host are...
Archived
Ranked
Ignored
X Purged