







Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A series of multiple-choice questions related to qualys patch management (pm). It covers topics such as identifying patchable vulnerabilities, assigning host assets to jobs, understanding patch deployment processes, prioritizing vulnerabilities, and managing patching licenses. The questions are designed to test knowledge of the qualys pm application and its features, including patch assessment, job creation, and asset management. This resource is useful for individuals preparing for a qualys pm exam or seeking to deepen their understanding of patch management practices within the qualys ecosystem. It provides practical insights into configuring and utilizing qualys pm for effective vulnerability remediation and security posture improvement. The document also touches on key aspects of patch deployment, such as scheduling jobs, managing patch sources, and optimizing patch distribution.
Typology: Exams
1 / 13
This page cannot be seen from the preview
Don't miss anything!








1. Using the "Search" field (found in the VULNERABILITIES section of the VM Dashboard), which query will produce a list of "patchable" vulnerabilities? (A)vulnerabilities.vulnerability.qualysPatchable:TRUE (B)vulnerabilities.vulnerability.qualysPatchable:FALSE (C)vulnerabilities.vulnerability.isPatchable:FALSE (D)vulnerabilities.vulnerability.isPatchable:TRUE: correct answer- (D)vulnerabilities.vulnerabili- ty.isPatchable:TRUE 2. Which of the following conventions can be used to include or assign host assets to a job? (choose 2) (Select all that apply) (A) Asset Name (B) Asset Group (C) Business Unit (D) Asset Tag: correct answer- (A) Asset Name (D) Asset Tag 3. The process is responsible for installing and uninstalling patch- es, included in patch jobs you create.
(A) stdeploy.exe (B) Qualys Cloud Agent (C) notify.exe (D) Qualys Cloud Agent UI: correct answer- (B) Qualys Cloud Agent
4. What does it mean, when a patch is displayed with a "key-shaped" symbol? (A) The patch is a key requirement for the deployment of other patches. (B) The patch cannot be downloaded by Qualys Cloud Agent. (C) The patch has been deprecated. (D) The patch cannot be uninstalled.: correct answer- (B) The patch cannot be downloaded by Qualys Cloud Agent. 5. Within a PM Assessment Profile, what is the minimum value, for patch assessment frequency? (A) 24 hours (B) 4 hours (C) 12 hours (D) 1 hour: correct answer- (A) 24 hours 6. Which of the following Qualys applications or services, provide the ability to create a patch job? (choose 3) (Choose all that apply)
VMDR Prioritization Report? (choose 3) (Choose all that apply) (A) Compliance Posture (B) Attack Surface (C) Vulnerability Age (D) Real-Time Threat Indicator (RTI): (B) Attack Surface (C) Vulnerability Age (D) Real-Time Threat Indicator (RTI)
10. Which of the following are methods for activating the PM module on a Qualys agent host? (choose 3) (Choose all that apply) (A) Select the "Activate for FIM or IOC or PM" option for a host, in the Cloud Agent application. (B) Deploy the agent with an Activation Key that has the PM module selected. (C) Use the Qualys Cloud Agent API, to activate the PM module for a single
agent or agents in bulk. (D) Add agent host assets to a PM Asset Group.: (B) Deploy the agent with an Activation Key that has the PM module selected. (C) Use the Qualys Cloud Agent API, to activate the PM module for a single agent or agents in bulk. (D) Add agent host assets to a PM Asset Group.
11. Patching messages and notifications are managed by the process. (A) Qualys Cloud Agent (B) Qualys Cloud Agent UI (C) stdeploy.exe (D) notify.exe: (B) Qualys Cloud Agent UI 12. Application and OS patching are available for hosts running the Qualys . (A) Passive Sensor (B) Cloud Agent (C) Scanner Appliance (D) Virtual Scanner: (B) Cloud Agent 13. Which of the following PM setup steps must be completed, before host patch assessments can begin? (choose 3) (Choose all that apply) (A) Assign host to a PM Job
(A) Discover patches already installed (B) Install or deploy missing patches (C) Uninstall existing patches (D) Discover missing patches: (B) Install or deploy missing patches (C) Uninstall existing patches
16. By default, any PM host that is not assigned to a specific Assessment Profile, will be assigned to the Profile. (A) Global (B) System (C) Public (D) Initial: (B) System 17. Which of the following tasks are performed by a patch assessment scan? (choose 2) (A) Discover patches already installed (B) Install or deploy missing patches (C) Uninstall existing patches (D) Discover missing patches: (A) Discover patches already installed (D) Discover missing patches 18. Patches can be added to: (choose 3)(Choose all that apply) (A) Recurring jobs that are disabled
(B) On Demand jobs that are disabled (C) Recurring jobs that are enabled (D) On Demand jobs that are enabled: (A) Recurring jobs that are disabled (B) On Demand jobs that are disabled (C) Recurring jobs that are enabled
19. From the PATCHES section in the Patch Management application, which query produces a list of "uninstallable" patches? (A) uninstall:true (B) isRollback:true (C) uninstall:false (D) isRollback:false: (B) isRollback:true 20. Which query token can be used to display patches that cannot be down- loaded by Qualys' Cloud Agent?
(D) Only assets that have already been patched: (A) Assets with the PM module activated (B) Only assets that have already been scanned
24. Additional assets or patches can be added to any existing patch job: (A) Once the job has been approved (B) After the job has completed (C) Before the job is enabled (D) Before the job begins to run: (C) Before the job is enabled 25. Additional assets can be added to a(n) job, both before and after it has been enabled. (A) On-Demand (B) Uninstall
(C) Recurring (D) Run-Once: (C) Recurring
26. Which of the following statements about Qualys Patch Management's "patch sources" is false? (A) Patches are originally acquired from Vendor Global CDNs. (B) Digital signatures and hash values are used to validate downloaded patch- es. (C) A VPN connection to your corporate network is required to download patches. (D) Both operating system and application patches are provided.: (C) A VPN connection to your corporate network is required to download patches. 27. Which Qualys technology provides a patch download cache, to achieve a more efficient distribution of downloaded patches, to local agent host assets? (A) Qualys Gateway Server (B) Qualys Passive Sensor (C) Qualys Scanner Appliance (D) Qualys Connector: (A) Qualys Gateway Server 28. Which of the following frequencies, can be used to schedule a Deployment Job? (choose 3) (Choose all that apply) (A) Daily
31. Presently, you can add a maximum of patches to a single job. (A) 1250 (B) 1750 (C) 1500 (D) 2000: (D) 2000 32. Assets can be added to: (choose 3) (A) On Demand jobs that are disabled (B) On Demand jobs that are enabled (C) Recurring jobs that are enabled (D) Recurring jobs that are disabled: (A) On Demand jobs that are disabled (C) Recurring jobs that are enabled (D) Recurring jobs that are disabled 33. Which of the following "Patch Communication" messages have a defer- ment option? (choose 2) (A) Pre-Deployment (B) Deployment in Progress (C) Deployment Complete (D) Reboot Request: