Qualys Web Application Scanning Study guides, Class notes & Summaries

Qualys Web Application Scanning (EXAM)With A Guaranteed 85% Or More!!

The Malware Monitoring option should only be enabled for: (A) Applications with a "malware" tag (B) Internal facing applications (C) External facing applications (D) Both internal and external facing applications - Correct Answer-(C) External facing applications Where can you "Ignore" a vulnerability for a Web Application? (select two) (Choose all that apply) (A) Scorecard Report (B) Scan Report (C) Web Application Report (D) Detections Tab - Correct Answer-(B) Scan Report (D) De...

With Vulnerability Response you can do the following: - correct answer • Configure vulnerability groups, CI identifiers, notifications, and SLAs. • Update your system from the vulnerability databases on demand or by running userconfigured scheduled jobs. • Configure integrations to import data from internal and external sources. If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability Response can receive vulnerability data from the Qualys scanner in...

In the patch report template, which evaluation provides the most accurate patches that need to be installed? (A) Superseded patch evaluation (B) Latest patch evaluation (C) QID based patch evaluation (D) Classic patch evaluation - Correct Answer-(A) Superseded patch evaluation Which scorecard report type allows you to identify hosts that are missing required patches and software?*** (A) Patch report (B) Vulnerability scorecard report (C) Missing software report (D) Asset Search Report...

What are the features of the Patch Management (PM) application - Correct AnswerWhat are the steps for Patch Management as a response to vulnerability findings - Correct AnswerWhat is asset management? - Correct Answer-Step 1 in the VMDR lifecycle What is vulnerability management? - Correct Answer-Step 2 in the VMDR lifecycle What is threat detection and prioritization? - Correct Answer-Step 3 in the VMDR lifecycle What is response (patch deployment?) - Correct Answer-Step 4 in the VMDR life...

Identify the different Qualys sensors that collect data from your environment. (Select all that apply)*** (A) Scanner (B) Cloud Agents (C) Passive Sensor (D) Container Sensor (E) Cloud Connector Ans (A) Scanner (B) Cloud Agents (C) Passive Sensor (D) Container Sensor (E) Cloud Connector _______________ is a lightweight agent that can be installed on clients and servers for realtime visibility.*** (A) Container Sensor (B) Scanner (C) API (D) Cloud Agent Ans Cloud Agent Which of th...

List the default tracking methods available for adding assets to your "scanning" subscription. (Select Three) (A) DNS Name (B) NetBIOS Name (C) CVE ID (D)Qualys Host ID (E) IP Address - Correct Answer-(A) DNS Name (B) NetBIOS Name (E) IP Address Name the phase or step of the Qualys Vulnerability Management Lifecycle that produces scan results containing vulnerability findings? (A) Report (B) Discover (C) Remediate (D) Assess - Correct Answer-(D) Assess Which of the following is ...

Identify the Qualys application modules that require Cloud Agent. (Choose all that apply) (A) EDR (B) VM (C) PM (D) FIM - Correct Answer-(A) EDR (C) PM (D) FIM A Cloud Agent status indicates the agent uploaded new host data, and an assessment of the host was performed within the Qualys Cloud Platform. Which one from the following options is it? (A) Scan Complete (B) Provisioned (C) Manifest Downloaded (D) Configuration Downloaded - Correct Answer-(A) Scan Complete From all the tas...

Which of the following are benefits of scanning in authenticated mode? (choose 2) - Fewer confirmed vulnerabilities - More vulnerabilities are detected - Time saved from manually investigating potential vulnerabilities - More accurate scan details - Correct Answer-- More vulnerabilities are detected - Time saved from manually investigating potential vulnerabilities Which of the following are valid options for scanning targets? (choose 3). - Asset Groups - Domain Name - IP addressing - ...

Using the "Search" field (found in the VULNERABILITIES section of the VM Dashboard), which query will produce a list of "patchable" vulnerabilities? (A)sPatchable:TRUE (B)sPatchable:FALSE (C)Patchable:FALSE (D)Patchable:TRUE - Correct Answer- (D)Patchable:TRUE Which of the following conventions can be used to include or assign host assets to a job? (choose 2) (Select all that apply) (A) Asset Name (B) Asset Group (C) Business Unit (D) Asset Tag - Correct Answer-(A) Asset Name (D...