Qualys Patch Management: Addressing Vulnerabilities with Automated Patching, Exams of Industrial management

Qualys Patch Management is a powerful solution for addressing vulnerabilities in an organization's IT infrastructure. It covers key features like OS and third-party application patch deployment, Qualys cloud agents, and integration with Qualys VMDR to prioritize and address high-risk vulnerabilities. The document also explores best practices, the VMDR lifecycle, the Qualys patch catalog, and patch deployment job configuration.

Typology: Exams

2023/2024

Available from 08/17/2024

paul-kamau-2
paul-kamau-2 🇺🇸

4

(7)

5.4K documents

1 / 8

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Qualys Patch Management (Course Quizzes) 37 Questions
with Verified Answers
Which of these is a reason for using a Patch Management solution?
(A) To monitor logs on the asset
(B) To scan for viruses
(C) To close open ports and services
(D) To address vulnerabilities - CORRECT ANSWER (D) To address vulnerabilities
Which of these Qualys solutions would you use to address vulnerabilities on your
assets?
(A) Vulnerability Management
(B) Patch Management
(C) Endpoint Detection and Response
(D) Policy Compliance - CORRECT ANSWER (B) Patch Management
Which of these sensors does Qualys use to deploy patches?
(A) Scanner appliances
(B) Cloud connectors
(C) Passive sensor
(D) Cloud agent - CORRECT ANSWER (D) Cloud agent
Which of these actions is commonly performed after deploying patches?
(A) Asset is decommissioned
(B) Asset is scanned
(C) Asset is rebooted
(D) Asset is reimaged - CORRECT ANSWER (C) Asset is rebooted
Which of these is a recommended approach to patching assets?
pf3
pf4
pf5
pf8

Partial preview of the text

Download Qualys Patch Management: Addressing Vulnerabilities with Automated Patching and more Exams Industrial management in PDF only on Docsity!

Qualys Patch Management (Course Quizzes) 37 Questions

with Verified Answers

Which of these is a reason for using a Patch Management solution? (A) To monitor logs on the asset (B) To scan for viruses (C) To close open ports and services (D) To address vulnerabilities - CORRECT ANSWER (D) To address vulnerabilities Which of these Qualys solutions would you use to address vulnerabilities on your assets? (A) Vulnerability Management (B) Patch Management (C) Endpoint Detection and Response (D) Policy Compliance - CORRECT ANSWER (B) Patch Management Which of these sensors does Qualys use to deploy patches? (A) Scanner appliances (B) Cloud connectors (C) Passive sensor (D) Cloud agent - CORRECT ANSWER (D) Cloud agent Which of these actions is commonly performed after deploying patches? (A) Asset is decommissioned (B) Asset is scanned (C) Asset is rebooted (D) Asset is reimaged - CORRECT ANSWER (C) Asset is rebooted Which of these is a recommended approach to patching assets?

(A) Uninstall old patches and apply new (B) Do not apply patches unless necessary (C) Apply patches on a set of test assets, verify that the patches do not cause issues, and patch the remaining assets (D) Apply patches on all assets right away - CORRECT ANSWER (C) Apply patches on a set of test assets, verify that the patches do not cause issues, and patch the remaining assets Qualys Patch Management correlates missing patches with vulnerabilities. (A) False (B) True - CORRECT ANSWER (B) True Which of these is true about Qualys Patch Management? (A) it can install the operating system and third-party application patches (B) it can install third-party application patches only (C) it can install operating system patches only - CORRECT ANSWER (A) it can install the operating system and third-party application patches Which of these is used by Qualys Patch Management to deploy patches? (A) Scanner appliance (B) Cloud connector (C) Cloud Agent - CORRECT ANSWER (C) Cloud Agent Which of these is NOT a stage in the VMDR lifecycle? (A) Governance (B) Vulnerability & Config Assessment (C) Threat Risk and Prioritization (D) Asset Inventory (E) Patch Management - CORRECT ANSWER (A) Governance Which of these can be used as a local repository to download patches?

(B) 1024 MB

(C) 512 MB

(D) 256 MB - CORRECT ANSWER (A) 2048 MB

PM Work Flow - CORRECT ANSWER Step 1: Install Cloud Agent on the target host Step 2: Assign target agent host to a CA Configuration Profile that has PM enabled Step 3: Assign PM license to the host Step 4: Configure patch deployment job Which of these is true? (A) a patch deployment job can be configured to suppress asset reboot (B) a patch deployment job cannot suppress asset reboot - CORRECT ANSWER (A) a patch deployment job can be configured to suppress asset reboot Which of these is true about patch deployment jobs? (A) by default, all users can edit a patch deployment job (B) by default, only the user who created the patch deployment job can edit it - CORRECT ANSWER (B) by default, only the user who created the patch deployment job can edit it You want to create a deployment job that includes patches based on criteria. For example - security patches with critical severity. Which patch selection option would you use?. (A) manual patch selection (B) automatic patch selection - CORRECT ANSWER (B) automatic patch selection Which of these is true? (A) patch deployment jobs cannot be scheduled; they must run on-demand (B) patch deployment jobs can be scheduled for a future date - CORRECT ANSWER (B) patch deployment jobs can be scheduled for a future date Which of these is true about patch deployment jobs?

(A) only some patch jobs can be cloned (B) all patch jobs can be cloned - CORRECT ANSWER (B) all patch jobs can be cloned Which of these can you use to include hosts in a patch deployment job?(Select 2) (A) Asset groups (B) Asset Tags (C) Hostnames (D) IP addresses - CORRECT ANSWER (B) Asset Tags (C) Hostnames The prioritized products report allows you to view the total number of product vulnerabilities (active and fixed) detected in your environment over the last _______________. (A) Two Weeks (B) Two Months (C) Two Days (D) Two years - CORRECT ANSWER (D) Two years Why would you use the "Enable opportunistic patch download" option? (A) to have the agent download the patch before the scheduled job begins (B) to have the agent download the patch after the scheduled job begins - CORRECT ANSWER (A) to have the agent download the patch before the scheduled job begins Which of these would you use to identify patchable applications that introduce the most number of vulnerabilities in your subscription? (A) patch catalog (B) patch report (C) prioritized products report - CORRECT ANSWER (C) prioritized products report Which of the following Qualys applications or services provide the ability to create a patch job? (Select three)

(B) Incorrect - CORRECT ANSWER (A) Correct Zero Touch Patching helps: (Select two) (A) To update endpoints and servers proactively as soon as patches are available (B) Automatically create tickets for missing patches (C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs) (D)Runs security scans after every four hours (E) Automatically export patch information - CORRECT ANSWER (A) To update endpoints and servers proactively as soon as patches are available (C) Automate patch vulnerabilities based on the Real Time Threat Indicators (RTIs) Which query will list patches that Qualys can uninstall? (A) isUninstall: true (B) isRollback: true (C) isRollback: false (D) isUninstall: false - CORRECT ANSWER (B) isRollback: true Which of these is true about a zero-touch patch job? (A) a zero-touch patch job can only be scheduled for a future date (B) a zero-touch patch job automatically includes required patches using a QQL query (C) you can manually select patches to include in the zero-touch patch job - CORRECT ANSWER (B) a zero-touch patch job automatically includes required patches using a QQL query Which of the following statements about uninstalling patches is true? (A) Not all patches in the Patch Catalog can be uninstalled. (B) Uninstallable patches are shown with a key-shaped symbol (C) All patches in the Patch Catalog can be uninstalled. - CORRECT ANSWER (A) Not all patches in the Patch Catalog can be uninstalled. (A) (B)

(C)

(D) - CORRECT ANSWER

(A)

(B)

(C)

(D) - CORRECT ANSWER

(A)

(B)

(C)

(D) - CORRECT ANSWER