Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Qualys Reporting Strategies and Best Practices, Exams of Business Administration

An overview of the qualys reporting strategies and best practices, covering topics such as patch reporting, vulnerability scorecards, asset search reports, and dashboard trends. It addresses key questions related to identifying the most accurate patches, detecting missing patches and software, understanding the impact of scan report filters, managing stale asset and vulnerability data, and leveraging various report types to prioritize and remediate vulnerabilities. The document also discusses the unified dashboard, custom vulnerability ranking schemes, and recommended practices for maintaining accurate and up-to-date reports. By studying this document, users can gain insights into optimizing their qualys reporting capabilities, aligning with corporate policies, and making informed decisions to enhance their overall security posture.

Typology: Exams

2023/2024

Available from 08/12/2024

TheHub
TheHub 🇺🇸

3.5

(13)

3K documents

1 / 13

Toggle sidebar

Related documents


Partial preview of the text

Download Qualys Reporting Strategies and Best Practices and more Exams Business Administration in PDF only on Docsity! Qualys Reporting Strategies and Best Practices Exam Questions and Answers 2023/2024 In the patch report template, which evaluation provides the most accurate patches that need to be installed? (A) Superseded patch evaluation (B) Latest patch evaluation (C) QID based patch evaluation (D) Classic patch evaluation (A) Superseded patch evaluation Which scorecard report type allows you to identify hosts that are missing required patches and software?*** (A) Patch report (B) Vulnerability scorecard report (C) Missing software report (D) Asset Search Report (A) Patch report Which of the following scenarios can lead to gaps in the patch tree structure and break the patch supersedence logic? Select all that apply. (A) Scan report with vulnerability search list or Threat Protection RTI filter (B) Cloud Agent data collection followed by an authenticated scan (C) Scan job with a custom vulnerability filter (D) Unauthenticated scan (E) Cloud Agent scan (A) Scan report with vulnerability search list or Threat Protection RTI filter (C) Scan job with a custom vulnerability filter Identify the vulnerability types excluded by default in the VM/VMDR Dashboard. Select all that apply.*** (A) Fixed vulnerabilities (B) Disabled or Ignored vulnerabilities (C) Vulnerabilities without exploits (D) Low severity vulnerabilities (E) Vulnerabilities without patches (A) Fixed vulnerabilities (B) Disabled or Ignored vulnerabilities The ____________ vulnerability type is enabled by default in a new report template. (A) Confirmed (B) Potential (C) Patched (D) Information Gathered (B) Potential Stale asset and vulnerability data can affect your security risk and business risk calculations. *** (A) False (B) True (B) True (B) Host scan report generated in HTML format (D) Asset Search results Which of the following criteria can be used when building a custom vulnerability ranking scheme to align with your corporate policies and standards? Select all that apply.*** (A) Vulnerability Severity (B) Threat exposure (C) CVSS Temporal Score (D) CVSS Base score (E) CVSS Environment Score (A) Vulnerability Severity (C) CVSS Temporal Score (D) CVSS Base score Which of the following factors must be considered when prioritizing vulnerability remediation in your environment? Select all that apply. (A) Platform type (B) Asset context (C) Business context (D) Threat exposure (E) Vulnerability Severity (B) Asset context (D) Threat exposure (E) Vulnerability Severity Which of the following are applicable to the Unified Dashboard? (A) Includes a template library for ready-to-use widgets and dashboards (B) Replaces all other application dashboards (C) Brings data from multiple Qualys applications in one place for visualization (D) Supports multi-column group-by, summary count cards, multi-bar, and other visualization types (E) Supports scheduling of dashboard reports (C) Brings data from multiple Qualys applications in one place for visualization (D) Supports multi-column group-by, summary count cards, multi-bar, and other visualization types Which of these is a recommended practice to remove stale data from your subscription to ensure more accurate reports? (A) Enable trending (B) Report Frequently (C) Use host-based reports (D) Purging (D) Purging What happens when you purge an asset in your Qualys account? (A) Asset's scan-based findings are deleted (B) The asset is removed from asset groups (C) The asset is removed from your Qualys account (D) Asset's host-based findings are deleted (D) Asset's host-based findings are deleted The _________ setting in the option profile automatically closes any open vulnerabilities on ports that are no longer targeted in your scan job. (A) Close Vulnerabilities on target ports (B) Purge old host data when OS is changed (C) Authoritative option for light scans (D) Close Vulnerabilities on Dead Hosts (C) Authoritative option for light scans Which of the following apply when searching for vulnerability information in the VM/VMDR application? (A) Search results can be viewed in the form of assets or vulnerabilities (B) Search results can be filtered to show fixed, disabled, and ignored vulnerabilities (C) Search results can be filtered based on patch supersedence (D) Search results can be exported into a CVS file (E) Supports use of asset and/or vulnerability search queries (A) Search results can be viewed in the form of assets or vulnerabilities (B) Search results can be filtered to show fixed, disabled, and ignored vulnerabilities (E) Supports use of asset and/or vulnerability search queries Scan-based findings include the status of each vulnerability - new, active, fixed, and reopened.*** (A) True (B) False (B) False Which of the following apply when using QQL queries for searching data? Select all that apply. (A) Download search results into PDF, XML, MHT and HTML file formats (B) Download search results into a CSV file (C) Schedule the QQL query to run and export data daily, weekly, or monthly (D) Save the query for future use (E) Create a report template from the query (B) Download search results into a CSV file (D) Save the query for future use By adding a user to the Report Template, he/she will get access to all reports generated using the template, even if access to the hosts is not provided. (A) False (B) True (B) True (B) Assigned Severity (C) Lowest Severity (D) Vendor Severity (E) Highest Severity (A) Patch Severity (B) Assigned Severity (E) Highest Severity Patch supersedence requires host-based findings to be enabled in the report template. (A) False (B) True (A) False For reports distributed via a link in email, it is possible to restrict the number of times the report can be downloaded. (A) False (B) True (A) False By default, how are reports sorted? (A) By host (B) By vulnerability (C) By operating system (D) By asset group (D) By asset group ______________Includes a specific set of QIDs to customize scanning or reporting. *** (A) RTI (B) Dynamic Search List (C) Static Search Lists (D) Asset Tags (C) Static Search Lists Which factors create stale data and negatively impact security risk calculations, remediation performance, and vulnerability tickets? Select all that apply. (Choose all that apply) (A) Change in host IP address or hostname (B) Change in authentication settings or target ports in the option profile (C) Operating system upgrade on a host (e.g. Windows 2008 to Windows 2012) (D) Change in host operating system (e.g., Windows to Linux) (E) Authentication failures (A) Change in host IP address or hostname (E) Authentication failures Which of these options in the report template can limit the data to a specific time frame? *** (A) Display Options (B) Search List (C) Trending (D) Vulnerability Status Filters (C) Trending When planning VMDR reports, which of the following must be taken into account? Select all that apply. (A) Severity (B) Levels of the organization (C) CVSS score (D) Team structure (E) Network segments (B) Levels of the organization (D) Team structure (E) Network segments Merging scan data and Cloud Agent data for a single unified view in the report is unsupported when performing unauthenticated scans. (A) False (B) True (A) False Which of the following apply when using search queries in the VM/VMDR application? Select all that apply. (A) Search results display information gathering QIDs by default (B) Use of range queries is not recommended (C) You can use asset-specific queries in the Vulnerability search area and vice- versa (D) Avoid using the NOT clause for vulnerability search (E) Avoid using the NOT clause for asset search (B) Use of range queries is not recommended (D) Avoid using the NOT clause for vulnerability search Host-based findings are affected by the change in the authentication status of the host. (A) True (B) False (A) True Which of the following recommendations should be considered when your host- based scan report takes too long to generate or frequently errors out? Select all that apply. (A) Fine-tune vulnerability filter and display options