Vulnerability Management Detection and Response (VMDR) Exam 2.0

 

1. Which type type of Dashboard Dashboard Widget Widget can be congur congured ed to change change color, color, as its tracked tracked data reaches reaches specic condions or threshold levels? Bar Chart

Table

Count

Pie Chart

2. Which of the the following following frequencie frequencies, s, can be used used to schedule schedule a Patch Patch Deploymen Deploymentt Job? Select Select all that apply. Weekly

Quarterly

Annually

Daily

3. Which Qualys Qualys applica applicaon on module module is NOT NOT include include in the Default Default VMDR Ac Acva vaon on Key? Patch Management

PCI Compliance

Cybersecurity Asset Management

Vulnerability Management

4. Which Qualys Qualys applica applicaon, on, provides provides the the Real-Time Real-Time Threat Threat Indicator Indicatorss (RTIs) used used in the VM VMDR DR Priorizaon Report? Patch Management

Asset Inventory

Threat Protecon

Vulnerability Management

5. The Qualys Qualys CSAM applic applicaon aon disngui disnguishes shes your your asset invent inventory ory using using which of of the following following categories? Select all that apply. Soware

Hardware

Firmware

Operang System

6. Which “Acve “Acve Threat” Threat” category category iinclude ncludess aacks aacks that require require lile lile skill and and do not req require uire addional informaon? Predicted High Risk

Easy Exploit

Public Exploit

Zero Day

7. Presently, Presently, you can can add up up to _____ _____ patche patchess to a single job. 2000

1250

1750

1500

8. Which Qualys Qualys technolo technology gy provides provides a patch patch download download cache, cache, to achieve achieve a more more ecient ecient distribuon of downloaded patches, to local agent host assets? Qualys Passive Sensor

Qualys Scanner Appliance

Qualys Gateway Server

Qualys Connector

9. Using the the “Search” “Search” eld (found (found in the VULNER VULNERABILIT ABILITIES IES sec secon on of VMDR), which which query query will produce a list of “patchable” vulnerabilies? vulnerabilies.vulnerability.qualysPatchable:TRUE vulnerabilies.vulnerability.isPatchable:TRUE

 

vulnerabilies.vulnerability.qualysPatchable:FALSE vulnerabilies.vulnerability.isPatchable:FALSE 10. Which of the following queries will dis display play assets with with a Relaonal Database Database Management System? soware:(category1:Databases / RDBMS) soware:(Databases / RDBMS), soware: (category2:Databases / RDBMS) soware:(category:Databases / RDBMS) 11. By default, which of of the following factors are used by the VMDR Priorizaon Priorizaon Report, to priorize vulnerabilies? Select all that apply. Vulnerability age

Real me Threat Indicators

Compliance Posture

Aack Surface

12. Which “Acve Threat” category includes vulnerabilies th that at are acvely aacked and have have no patch available? Easy Exploit

Malware

Exploit Kit

Zero Day

13. Which of the following convenons can be be used to include or ass assign ign host assets to a job? job? Select all that apply. Business Unit

Asset Name

Asset Tag

Asset Group

14. Qualys categorizes your your soware inventory inventory by which of of the following license types? Select all that apply. Premier

Trial

Commercial

Open Source

15. You are in the process of of inducng new employees employees on the Global AssetView AssetView applicaon. In your presentaon you have to add the features of this applicaon. Which features from the below menoned list will you include? Select all that apply. Categorized and normalized hardware and soware informaon Ability to dene and track unauthorized soware Asset Cricality Score Discovery and inventory of all IT assets 16. You have been asked asked to create a “Zero-Touch” “Zero-Touch” patch deployment job. You You have already scheduled this job to run once a week. What addional requirement must be met? Select patches using Asset Tags

Defer patch selecon to a later me

Automate patch selecon using QQL

Select patches manually

 

17. Once you establish your priority opon you can generate generate your Priorizaon Priorizaon Report. By default this report will produce a list of _________ that match your priority opons. Patches

Threat Feeds

Vulnerabilies

Assets

18. Once you establish your priority opon you can generate generate your Priorizaon Priorizaon Report. By default this report will produce a list of _________ that match your priority opons. Create Dashboard widgets for all the contents of the report Export the report to dashboard and create a dynamic widget Schedule a report to run on a regular basis Run a report every me it is needed 19. Aer Qualys Cloud Agent has been been successfully installed on a target host, which of the followi following ng “Patch Management” setup steps must be completed, before host patch assessments can begin? Select all that apply. Assign host to CA Conguraon Prole (with PM enabled) Acvate PM module on host Assign host to a PM Job Assign host to an enabled PM Assessment Prole 20. You have to priorize the vulnerabilies by age b before efore you go ahead and generate generate a Priorizaon Report. When you are priorizing vulnerabilies by age, you have the opons of: Select all that apply. Vulnerability Age

Detecon Age

Priority Age

Installaon Age

21. In CSAM, the term “unidene “unidened” d” means: Select all that apply. There isn’t enough informaon gathered to determine the OS/hardware/soware Qualys couldn’t fully ngerprint the OS There is enough informaon, but the data isn’t catalogued in CSAM yet Qualys could fully ngerprint the OS but it’s not in your subscripon 22. You were unable to search search some of your Operang Operang Systems using a lifecycle query. query. Later, you found out the reason. The lifecycle stage of the operang system you were searching was: End of life

End of support

Obsolete

General Availability

23. Which of the following condions must be met, in order for Qualys Patch Management to successfully patch a discovered vulnerability? Select all that apply. The vulnerability should be less than 30 days The vulnerability must be conrmed, The vulnerability’s host must be running Qualys Cloud Agent The vulnerability must be patchable

 

24. You have to run a patch job job on a regular basis. Which of the following following will you follow in order to make your work ecient? Select all that apply. Use Asset Tags as targets for patch deployment jobs Use the dashboard to monitor Schedule patch job on a monthly basis Once test deployments are veried Clone the deployment job and include producon asset tags 25. The Threat Feed leverages leverages data from mulple sources. sources. Which of the following sources are used? Select all that apply. Other Sources Exploit Sources Malware Sources Qualys Threat and Malware Research Team 26. You have deployed several several thousand Qualys C Cloud loud Agents, and now you would would like to conserve network bandwidth by allowing your agents to store and share their downloaded patches (from a central locaon). Which Qualys technology is the best t to solve this challenge? Qualys Passive Sensor Qualys Gateway Server Qualys Cloud Connector Qualys Scanner Appliance 27. You have to analyse the the threat intelligence informaon informaon provided by Qualys Thre Threat at and Malware Labs. Where will you nd this informaon? VMDR > Vulnerabilies tab > Asset

VMDR > Dashboard tab

VMDR > Priorizaon tab > Threat Feed

VMDR > Priorizaon tab > Reports

28. Your colleague has just completed completed the following steps to setup setup your Qualys account for patching: 1. Installed Qualys Cloud Agent on target hosts. 2. Assigned all Agent hosts to a Conguraon Prole with PM conguraon enabled. 3. Acvated the PM applicaon module for all Agent hosts. 4. Assigned all hosts to an enabled Assessment Prole. Although Deployment Jobs have been created and enabled, patches are not geng installed. What step did your colleague miss? Targeted assets must be congured to consume a patching license Targeted assets must be labelled with the ""Patchable"" Asset Tag Targeted assets must be added to the ""Patch Management"" Asset Group Targeted assets must be added to the Patch Catalogue 29. A pre-deployment message message appears at the start start of a patch job. You have tto o create a deployment  job for a Windows user wherein wherein he will receive a no nocaon caon message to the user indicang that a reboot is required. What communicaon opon will you select? Reboot message

Reboot Countdown

Supress Reboot

Reboot Request

30. Your IT team has congured congured a patch window to run a deployment deployment job within 5 hours. Due to some reason you were not able to start the patch installaon within that window. What status will they host display? Not aempted

Timed out

Retry

Failed