1 If adequate data exists (for Qualys to properly categorize an asset’s hardware or OS), but they have yet to be added to the asset catalog, they will potentially be listed as __________ . Choose an answer: Unknown Unidentified Unavailable Uncertain 2 Which Qualys application, provides the Real-Time Threat Indicators (RTIs) used in the VMDR Prioritization Report? Choose an answer: Patch Management Asset Inventory Threat Protection Vulnerability Management 4 Which “Active Threat” category includes attacks that require little skill and do not require additional information? Choose an answer: Predicted High Risk Easy Exploit Public Exploit Zero Day Which of the following frequencies, can be used to schedule a Patch Deployment Job? Select all that apply. Choose all that apply: Weekly Quarterly Annually Daily Presently, you can add up to _____ patches to a single job. Choose an answer: 2000 1250 1750 1500 5 Which phase of the VMDR Lifecycle is addressed by Qualys Patch Management (PM)? Choose an answer: Vulnerability Management Response Asset Management Threat Detection & Prioritization 6 Which phase of the VMDR Lifecycle is addressed by Qualys Patch Management (PM)? Choose an answer: Vulnerability Management Response Asset Management Threat Detection & Prioritization 7 Qualys provides virtual scanner appliances for which of the following cloud platforms? Select all that apply. Choose all that apply: Amazon AWS Google Cloud Platform Rackspace Cloud Microsoft Azure 8 Which Qualys technology provides a patch download cache, to achieve a more efficient distribution of downloaded patches, to local agent host assets? Choose an answer: Qualys Passive Sensor Qualys Scanner Appliance Qualys Gateway Server Qualys Connector 9 By default, which of the following factors are used by the VMDR Prioritization Report, to prioritize vulnerabilities? Select all that apply. Choose all that apply: Vulnerability Age Real-Time Threat Indicators Compliance Posture Attack Surface 10 What are the prerequisites to integrate Qualys with ServiceNow CMDB? Select all that apply. Choose all that apply: ServiceNow user account with Qualys API access enabled Qualys CMDB Sync or Service Graph Connector app installed in ServiceNow Qualys user account with API access disabled Qualys subscription with Cybersecurity Asset Management license 11 Which of the following Deployment Job steps will allow you to install software and run a custom script? Select all that apply. Choose all that apply: Select Assets Select Post-actions Select Pre-Actions Select Patches 12 Which of the following queries will display assets with a Relational Database Management System? Choose an answer: software:(category1:Databases / RDBMS) software:(Databases / RDBMS) software:(category2:Databases / RDBMS) software:(category:Databases / RDBMS) 13 Which “Active Threat” category includes vulnerabilities that are actively attacked and have no patch available? Choose an answer: Easy Exploit Malware Exploit Kit Zero Day 14 You have been asked to create a “Zero-Touch” patch deployment job. You have already scheduled this job to run once a week. What additional requirement must be met? Choose an answer: Select patches using Asset Tags Defer patch selection to a later time Automate patch selection using QQL Select patches manually 15 Once you establish your priority option you can generate your Prioritization Report. By default this report will produce a list of _________ that match your priority options. Choose an answer: Patches Threat Feeds Vulnerabilities Assets 16 After building a Prioritization Report, you want to monitor the contents of the report on a regular basis. What will you do? Choose an answer: Create Dashboard widgets for all the contents of the report Export the report to dashboard and create a dynamic widget Schedule a report to run on a regular basis Run a report every time it is needed 17 When creating a patch job, a “Patch Window” set to the __________ option, will allow the Cloud Agent as much time as it needs to complete the job? Choose an answer: None Full Unlimited Complete 18 consume a patching license, one or more host ________ ________ must be added to the “Licenses” tab (within the Patch Management application). Choose an answer: Business Units Asset Tags Asset Names Asset Groups 19 You were unable to search some of your Operating Systems using a lifecycle query. Later, you found out the reason. The lifecycle stage of the operating system you were searching was: Choose an answer: End-of-Life End-of-Support Obsolete General Availability 20 In CSAM, the term “unidentified” means: Select all that apply. Choose all that apply: There isn’t enough information gathered to determine the OS/hardware/software Qualys couldn’t fully fingerprint the OS There is enough information, but the data isn’t catalogued in CSAM yet Qualys could fully fingerprint the OS but it’s not in your subscription 21 After Qualys Cloud Agent has been successfully installed on a target host, which of the following “Patch Management” setup steps must be completed, before host patch assessments can begin? Select all that apply. Choose all that apply: Assign host to CA Configuration Profile (with PM enabled) Activate PM module on host Assign host to a PM Job Assign host to an enabled PM Assessment Profile 22 You have deployed several thousand Qualys Cloud Agents, and now you would like to conserve network bandwidth by allowing your agents to store and share their downloaded patches (from a central location). Which Qualys technology is the best fit to solve this challenge? Choose an answer: Qualys Passive Sensor Qualys Gateway Server Qualys Cloud Connector Qualys Scanner Appliance 23 Your IT team has configured a patch window to run a deployment job within 5 hours. Due to some reason you were not able to start the patch installation within that window. What status will they host display? Choose an answer: Not Attempted Timed Out Retry Failed 24 The Threat Feed leverages data from multiple sources. Which of the following sources are used? Select all that apply. Choose all that apply: Other Sources Exploit Sources Malware Sources Qualys Threat and Malware Research Team 25 Which of the following conditions must be met, in order for Qualys Patch Management to successfully patch a discovered vulnerability? Select all that apply. Choose all that apply: The vulnerability should be less than 30 days The vulnerability must be confirmed The vulnerability’s host must be running Qualys Cloud Agent The vulnerability must be patchable State the requirements for using the Qualys Patch Management application Describe Patch License Consumption, Patch Assessment Scans, and Patch Deployment Jobs Demonstrate the use of Patch License Consumption, Patch Assessment Scans, and Patch Deployment Jobs Identify the various components of the Patch Catalog 26 You have to run a patch job on a regular basis. Which of the following will you follow in order to make your work efficient? Select all that apply. Choose all that apply: Use Asset Tags as targets for patch deployment jobs Use the dashboard to monitor Schedule patch job on a monthly basis Once test deployments are verified, clone the deployment job and include production asset tags 27 A pre-deployment message appears at the start of a patch job. You have to create a deployment job for a Windows user wherein he will receive a notification message to the user indicating that a reboot is required. What communication option will you select? Choose an answer: Reboot Message Reboot Countdown Supress Reboot Reboot Request 28 Your colleague has just completed the following steps to set up your Qualys account for patching: 1. Installed Qualys Cloud Agent on target hosts. 2. Assigned all Agent hosts to a Configuration Profile with PM configuration enabled. 3. Activated the PM application module for all Agent hosts. 4. Assigned all hosts to an enabled Assessment Profile. Although Deployment Jobs have been created and enabled, patches are not getting installed. What step did your colleague miss? Choose an answer: Targeted assets must be configured to consume a patching license Targeted assets must be labelled with the ""Patchable"" Asset Tag Targeted assets must be added to the ""Patch Management"" Asset Group Targeted assets must be added to the Patch Catalog 29 You have to analyse the threat intelligence information provided by Qualys Threat and Malware Labs. Where will you find this information? Choose an answer: VMDR > Vulnerabilities tab > Asset VMDR > Dashboard tab VMDR > Prioritization tab > Threat Feed VMDR > Prioritization tab > Reports Which of the following identifies the correct order of the VMDR Lifecycle phases? Choose an answer: Asset Management, Threat Detection & Prioritization, Vulnerability Management, Response Asset Management, Vulnerability Management, Threat Detection & Prioritization, Response Vulnerability Management, Threat Detection & Prioritization, Response, Asset Management Vulnerability Management, Asset Management, Threat Detection & Prioritization, Response Qualys provides virtual scanner appliances for which of the following cloud platforms? Select all that apply. Choose all that apply: Amazon AWS Google Cloud Platform Rackspace Cloud Microsoft Azure The Qualys CSAM application distinguishes your asset inventory using which of the following categories? Select all that apply. Choose all that apply: Software Hardware Firmware Operating System Qualys categorizes your software inventory by which of the following license types? Select all that apply. Choose all that apply: Premier Trial Commercial Open Source Which Qualys application module is NOT include in the Default VMDR Activation Key? Choose an answer: Patch Management (PM) PCI Compliance (PCI) CyberSecurity Asset Management (CSAM) Vulnerability Management (VM) Using the “Search” field (found in the VULNERABILITIES section of VMDR), which query will produce a list of “patchable” vulnerabilities? Choose an answer: vulnerabilities.vulnerability.qualysPatchable:TRUE vulnerabilities.vulnerability.isPatchable:TRUE vulnerabilities.vulnerability.qualysPatchable:FALSE vulnerabilities.vulnerability.isPatchable:FALSE Which of the following queries will display assets with a Relational Database Management System? Choose an answer: software:(category1:Databases / RDBMS) software:(Databases / RDBMS) software:(category2:Databases / RDBMS) software:(category:Databases / RDBMS) What are the prerequisites to integrate Qualys with ServiceNow CMDB? Select all that apply. Choose all that apply: Qualys subscription with CyberSecurity Asset Management license Qualys CMDB Sync or Service Graph Connector app installed in ServiceNow CMDB Sync enabled for Qualys account ServiceNow user account with Qualys API access enabled You are in the process of inducting new employees on the Global AssetView application. In your presentation you have to add the features of this application. Which features from the below mentioned list will you include? Select all that apply. Categorized and normalized hardware and software information Ability to define and track unauthorized software Asset Criticality Score Discovery and inventory of all IT assets you have to run a patch job on a regular basis. Which of the following will you follow in order to make your work efficient? Select all that apply. Choose all that apply: Use Asset Tags as targets for patch deployment jobs Use the dashboard to monitor Schedule patch job on a monthly basis Once test deployments are verified, clone the deployment job and include production asset tags