QUALYS PATCH MANAGEMENT 2026 QUESTION COLLECTION ENDPOINT SECURITY AND PATCH COMPLIANCE MODULE SOLVED ITEMS AND RESPONSE KEY

Typology: Exams

2025/2026

Available from 04/15/2026

pass-withpolly7
◉ What is patch management? Answer: The process of identifying,
testing, and deploying OS and application updates.
◉ What is an allow list? Answer: A security configuration where
access is denied to any entity unless it is explicitly listed as
permitted.
◉ What is a block list? Answer: A security configuration where
access is permitted unless the entity is explicitly listed as prohibited.
◉ What is the primary goal of operating system security? Answer:
To protect against unauthorized access, data breaches, malware, and
other security threats.
◉ What does 'hardening' mean in the context of an OS? Answer:
Changing an OS or application to make it operate more securely.

◉ What is the principle of least functionality? Answer: A system should run only the protocols and services required by legitimate users to reduce the attack surface.
◉ What should be done with unused network interfaces? Answer: They should be explicitly disabled rather than left unused.
◉ How should unused services be handled? Answer: They should be disabled to minimize potential security risks.
◉ What is the purpose of application service ports? Answer: They allow client software to connect to applications over a network.
◉ What is a recommended security practice for application service ports? Answer: Disable or block them at a firewall if remote access is not required.
◉ What is the role of disk encryption? Answer: It is essential for securing data at rest within persistent storage.
◉ Why do workstations have a larger attack surface than other devices? Answer: Because they perform varied tasks and run numerous applications.

◉ How are patches typically handled in residential networks? Answer: Hosts are usually configured to check for and install patches automatically.
◉ What is a potential issue with having multiple applications running their own update clients? Answer: It can lead to performance and management issues on the same host.
◉ What is a baseline in device hardening? Answer: A standard set of guidelines or checklists for configuring devices securely.
◉ What is the main risk of over-hardening a system? Answer: It can negatively impact the functionality and usability of applications.
◉ What should an intrusion detection system do regarding nonstandard network data? Answer: Detect data that does not conform to the expected protocol format.
◉ What is a key consideration when creating an endpoint protection deployment plan? Answer: Determining the deployment order and using stages to limit potential disruptions.
◉ What are the four classifications of patches mentioned? Answer: Critical, security-critical, recommended, and optional.

◉ What is the primary benefit of using an enterprise patch management suite? Answer: It mitigates performance and management issues caused by multiple applications running individual update clients on the same host.
◉ Why is testing patches before deployment critical? Answer: To ensure stability, identify conflicts, prevent new vulnerabilities, and avoid disrupting critical operations.
◉ What is the recommended approach for creating a testing environment? Answer: Building an environment that mirrors the production environment as much as appropriate.
◉ What should be done for legacy or IoT systems that cannot be easily patched? Answer: Implement compensating controls or other forms of risk mitigation.
◉ What is the purpose of access control? Answer: To regulate and manage permissions granted to individuals, software, systems, and networks to access resources.
◉ What are Access Control Lists (ACLs) used for in networks? Answer: To filter or forward network traffic based on criteria like source/destination IP addresses, ports, or protocols.

◉ What is a block list in the context of execution control? Answer: A policy that generally allows execution but explicitly prohibits listed processes.
◉ What must precede a shift from a block-list model to an allow-list model? Answer: A risk assessment and business impact analysis, as the change can be highly disruptive.
◉ What is the role of monitoring in endpoint hardening? Answer: To enforce security measures and detect changes that weaken the hardened configuration.
◉ What might an unexpected change in a port or service status indicate during monitoring? Answer: A potential security breach.
◉ What is configuration enforcement? Answer: Methods used to ensure systems and devices adhere to mandatory security configurations.
◉ What are standardized configuration baselines? Answer: Benchmarks for how systems should be configured, often defined by organizations like NIST or CIS.

◉ What is the purpose of automated configuration management tools? Answer: To apply and maintain standardized configuration baselines across an environment automatically.
◉ Why is a change management process necessary for configuration enforcement? Answer: To ensure changes are properly reviewed, tested, and approved before implementation.
◉ Why is a systematic decommissioning process important for security? Answer: To ensure residual data is securely erased and to prevent exploitation of old configurations.
◉ What steps should be taken during the decommissioning of a device? Answer: Securely erase/overwrite data, reset to factory settings, and update inventory records.
◉ What are two fundamental practices for strengthening an endpoint's security posture? Answer: Changing default passwords and removing unnecessary software.
◉ How does monitoring support compliance? Answer: By providing regular reports on the status of endpoint devices to verify that hardening baselines are deployed and maintained.

◉ Which tools provide full disk encryption for Windows and macOS? Answer: BitLocker for Windows and FileVault for macOS.
◉ What is the purpose of Removable Media Encryption? Answer: To ensure data remains protected even when physically removed from the device via media like SD cards or USB drives.
◉ How do VPNs enhance endpoint security? Answer: They provide a secure tunnel for data transmission that protects against eavesdropping and on-path attacks.
◉ What protocols are commonly used for email encryption? Answer: PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions).
◉ Define a shared folder. Answer: A folder whose contents are available over the network.
◉ What is Network-Attached Storage (NAS)? Answer: A standalone storage device or appliance that acts as a file server.
◉ What is a Storage Area Network (SAN)? Answer: A special network composed of high-speed storage shared by multiple servers.

◉ What protocol is a common target for attacks on file servers? Answer: The NetBIOS protocol.
◉ Which NetBIOS ports should be closed on a file server to enhance security? Answer: Ports 135 and 137-139.
◉ What is an administrative share? Answer: A hidden shared folder available only to administrative users.
◉ How can you create a hidden share in Windows? Answer: By appending a $ sign to the end of the share name.
◉ What is the difference between a hard limit and a soft limit in FSRM quotas? Answer: A hard limit prevents exceeding the quota, while a soft limit sends a message when the limit is exceeded.
◉ What is the difference between an active and passive file screen? Answer: An active file screen prevents saving specified file types, while a passive screen monitors when they are added.
◉ Define the principle of least privilege. Answer: Granting a principal the minimum possible sufficient rights to complete an authorized task.

◉ What is provisioning? Answer: The process of setting up a service or user account according to a standard procedure or best practice checklist.
◉ What is the primary goal of teaching policy awareness to employees? Answer: To ensure they are aware of security policies, risks, and policies for personal use of IT assets.
◉ What should be done with accounts granted privileged access? Answer: They should be tagged for close monitoring.
◉ What is deprovisioning? Answer: The process of removing access rights and permissions when an employee leaves or a project ends.
◉ What is the risk of anonymous login in FTP? Answer: It allows unrestricted access to the FTP server.
◉ How are logon credentials transmitted in standard FTP? Answer: In cleartext, making them vulnerable to capture by sniffers.
◉ Which ports does FTP use for control and data transfer? Answer: Port 21 for control information and port 20 for data transfer.

◉ What are the primary security limitations of TFTP? Answer: It provides no authentication, encryption, or error detection.
◉ Which protocol uses SSH1 to secure file transfers? Answer: Secure Copy Protocol (SCP).
◉ Which protocol uses SSH2 to secure file transfers? Answer: Secure Shell File Transfer Protocol (SFTP).
◉ What is FTPS? Answer: A protocol that adds SSL or TLS to FTP to secure credentials and encrypt data.
◉ What is an ACL in file system security? Answer: An access control list containing a list of accounts and their permissions for a resource.
◉ What are the three basic Linux file permissions? Answer: Read (r), Write (w), and Execute (x).
◉ In Linux, what does the 'w' permission allow? Answer: The ability to save changes to a file or create, rename, and delete files in a directory.
◉ What command is used to modify file permissions in Linux? Answer: The chmod command.

◉ What is the relationship between Allow and Deny permissions? Answer: Deny permissions override Allow permissions.
◉ What is a common strategy for combining Share and NTFS permissions? Answer: Assign Co-owner share permissions to Everyone and use NTFS permissions to control access.
◉ What protocol is used to tunnel FTP traffic through an SSH tunnel? Answer: Secure FTP (FTP over SSH).
◉ What type of list do both Share and NTFS permissions use to control access? Answer: A discretionary access control list (DACL).
◉ What is the principle of least privilege in the context of NTFS permissions? Answer: Assigning permissions only to necessary groups and only the minimum permissions required for those groups.
◉ How do NTFS permissions interact with share permissions? Answer: Even if share permissions are set to Everyone, only users or groups with specific NTFS permissions will have access.
◉ What is the purpose of iptables in Linux? Answer: A firewall command line utility that uses three policy chains to allow or block network traffic.

◉ What is physical device port hardening? Answer: Restricting physical interfaces (like USB or HDMI) on a device to reduce potential avenues of physical attack.
◉ How can UEFI/BIOS settings be used for port hardening? Answer: By disabling physical ports or requiring a password to boot from nonstandard sources like USB drives.
◉ What is the risk of using unknown USB devices according to the BadUSB research? Answer: Firmware can be reprogrammed to spoof other device classes, such as keyboards for keystroke injection or network devices for traffic redirection.
◉ What is a 'sheep dip' in cybersecurity? Answer: A sandboxed lab system used to observe suspicious devices for malicious behavior before connecting them to a production network.
◉ What is the primary defense against USB-based malware infection? Answer: Configuring hosts to prevent autorun when USB devices are attached.
◉ What are logical ports? Answer: Software-based communication features that enable data exchange between applications or services.

◉ What is the command to disable a service in Linux? Answer: systemctl disable servicename.
◉ Which utility is used to scan for open TCP and UDP ports on a system? Answer: nmap.
◉ What is the nmap command to scan for TCP ports? Answer: nmap -sT ipaddress|fqdn.
◉ What is the nmap command to scan for UDP ports? Answer: nmap -sU ipaddress|fqdn.
◉ Why should unnecessary network services be removed? Answer: To save computer resources and reduce the system's attack surface.
◉ What is the risk of leaving open network sockets? Answer: They create a security risk by providing potential entry points for attackers.
◉ What is the purpose of application control features in advanced firewalls? Answer: To permit only trusted applications to communicate over the network.

◉ What should you check before disabling a service? Answer: Whether the service is a dependency for another required service.
◉ What is the command to stop a service immediately in Linux? Answer: systemctl stop servicename.
◉ How can you identify if permission inheritance is in effect on Windows? Answer: By checking the Advanced Security settings for the file or folder.
◉ What command stops a service in Linux? Answer: systemctl stop servicename
◉ What command disables a service from starting automatically? Answer: systemctl disable servicename
◉ What is a network socket? Answer: An endpoint of a bi-directional communication flow across a computer network
◉ What does the netstat option -a do? Answer: Lists both listening and non-listening sockets
◉ What does the netstat option -l do? Answer: Lists only listening sockets