Questions 102 through 104 refer to the following scenario:

He scanned the following three networks:
- DMZ network that contains servers with public exposure
- Workstation network that contains workstations that are allowed outbound access only
- Internal server network that contains servers exposed only to internal systems

He detected the following vulnerabilities:
Vulnerability 1: A SQL injection vulnerability on a DMZ server that would grant access to a database server on the internal network (severity 5/5)
Vulnerability 2: A buffer overflow vulnerability on a domain controller on the internal server network
Vulnerability 3: A missing security patch on several hundred Windows workstations on the workstation network (severity 2/5)
Vulnerability 4: A denial-of-service vulnerability on a DMZ server that would allow an attacker to disrupt a public-facing website (severity 4/5)

Note that the severity ratings assigned to these vulnerabilities are directly from the vulnerability scanner and were not assigned by Pete.

Absent any other information, which one of the vulnerabilities in the report should Pete remediate first?

1-To enumerate installed software applications on targeted hosts, scans should be performed in __________ mode.
Choose an answer:
Unauthenticated
Authenticated
Authoritative
Verbose

2-Why is it beneficial to configure the Business Impact of an Asset Group?
Choose an answer:
It's used to calculate storage space
It's used to calculate Severity Levels.
It's used to calculate CVSS Scores.
It's used to calculate Business Risk

3-You are building an Option Profile that targets "Zero Day" vulnerabilities. Which "Scan" option will allow you to use a "Zero Day" Search List to achieve this objective?
Choose an answer:
Vulnerability Detection
Password Brute Forcing
Additional Certificate Detection
TCP Ports

4-The Service Detection Module can detect over ________ services running on TCP and UDP ports.
Choose an answer:
600
256
512
128

5-Which of the following are components of a Business Unit? (choose 2)
Choose all that apply:
Search Lists
Asset Groups
Policies
Users
Option Profiles

6-Which "Display" option (in a Scan Report Template) identifies the data or evidence collected from a host that produces a specific vulnerability finding?
Choose an answer:
Threat
Solution
Impact
Results
Compliance

7-What color code is used in the Qualys KnowledgeBase to identify QIDs that exhibit predictable (but different) results in the presence or absence of authentication?
Choose an answer:
Blue
Yellow
Half-Red/Half-Yellow
Red

8-How often are "Dynamic" Asset Tags updated?
Choose an answer:
Every time new assessment data is collected (scanner or agent)
Every time you search the Qualys KnowledgeBase
Every time you login to your user account.
Every time a report is generated.

9-Which of the following VM reports are created from a Report Template?
Choose all that apply:
Authentication Report
Patch Report
Remediation Report
Scan Report
Map Report

10-Agent data (data collected by a Qualys Agent) is stored as ______ Based Findings.
Choose an answer:
Host
Scan
Client
Server

11-Which of the following best describes a "Dynamic" Search List?
Choose an answer:
Manually updated
Updates can be scheduled regularly
Automatically updated
Updated only upon user request

12-To achieve the most accurate OS detection results, scans should be performed in __________ mode.
Choose an answer:
Verbose
Unauthenticated
Authoritative
Authenticated

13-You have just created a KnowledgeBase Search List. Where can you use or apply it? (choose 3)
Choose all that apply:
In a Remediation Policy
In an Asset Group
In an Option Profile
In a Report Template
In a Business Unit
In an Asset Tag

14-What is the default number of "Host Discovery" TCP ports?
Choose an answer:
13
1900
180
20

15-What are some of the present options for adding security to Qualys user accounts? (choose 3)
Choose all that apply:
Establish an account "lockout" policy for failed login attempts
Enable two-factor authentication
Set high password strength requirements
Restrict access by hostname

16-When configuring the "Scan" options in an Option Profile, what port scanning option allows you to target the most typical and commonly used port numbers (i.e., effective coverage without being too excessive)?
Choose an answer:
Full
Complete
Light
Standard

17-Which of the following criteria can be used to create a dynamic Search List? (choose 3)
Choose all that apply:
IP Address
Host Name
CVE ID
CVSS Score
Severity Level

18-Which of the following are required to perform an "authenticated" scan that only targets "severity 5" vulnerabilities? (choose all that apply)
Choose all that apply:
Scanner appliance
Target Hosts
Authentication Record
Search List (severity 5 QIDs)
Option Profile

19-One of your "Scanner" users would like to perform a comprehensive scan (occasionally) that targets the maximum number of service ports. Which port scanning option do you recommend?
Choose an answer:
None
Standard Scan
Light Scan
Full

20-While it is highly recommended, which of the following is NOT required to launch a vulnerability scan?
Choose an answer:
Target Hosts
Option Profile
Authentication Record
Scanner Appliance

21-One of your colleagues would like to build a report to display vulnerability findings over the last three months (including trending information). What do you recommend?
Choose an answer:
Build a scan template with the "All" Asset Group as its target.
Build a scan template that uses Host Based Findings.
Build a scan template that sorts findings by Asset Group
Build a scan template that uses Scan Based Findings

22-Which of the following sensors are presently used by Qualys VM to collect the data needed to perform host vulnerability assessments? (choose 2)
Choose all that apply:
Cloud Agent
Scanner Appliance
Passive Sensor
Cloud Connector

23-Which of the following is the default tracking method used by Qualys Cloud Agents?
Choose an answer:
Qualys Host ID
IP Address
NetBIOS Name
DNS Name

24-What is the name given to a custom list of QIDs taken from the Qualys KnowledgeBase?
Choose an answer:
Search List
Asset Group
Authentication Record
Host Assets

25-Select the option below that contains the correct order or sequence of events.
Choose an answer:
1) Add host to subscription, 2) Use host as report source, 3) Scan host
1) Use host as report source, 2) Add host to subscription, 3) Scan host
1) Add host to subscription, 2) Scan host, 3) Use host as report source
1) Scan host, 2) Add host to subscription, 3) Use host as report source

26-Which of the following does not accurately describe a behavior or characteristic of a Remediation Policy?
Choose an answer:
A Remediation policy at the bottom of the list has precedence over the policies above it.
A Remediation policy can be configured to assign detected vulnerabilities to Qualys users.
A Remediation policy can be configured to ignore certain vulnerability QIDs.
Remediation policies contain conditions and actions.

27-Which of the following is never included in the raw scan results?
Choose an answer:
Potential vulnerability findings
Information-gathered (IG) data
List of fixed vulnerabilities
Confirmed vulnerability findings

28-Which of the following tasks can be accomplished using "Asset Search" within the Vulnerability Management application? (choose 3)
Choose all that apply:
Build a Search List
Produce a list of host assets
Create an Asset Tag
Edit a list of host assets

29-To produce a "trend" report that covers the last twelve months of vulnerability activity, you should select ______ Based Findings in the Scan Report Template.
Choose all that apply:
Scan
Client
Host
Server

30-What are the primary methods available in Qualys VM for grouping, labeling, and organizing host assets? (choose 2)
Choose all that apply:
Asset Groups
Asset Tags
Search Lists
Severity Levels

31-By default, which tracking methods are available when adding assets to your "scanning" subscription? (choose 3)
Choose all that apply:
CVE ID
IP Address
DNS Name
Qualys Host ID
NetBIOS Name

32-Which of the following is NOT a valid target for launching a scan?
Choose an answer:
Search List
Asset Tag
IP Address
Asset Group

33-What type of scanner appliance (by default) is available to all Qualys users with "scanning" privileges?
Choose an answer:
Offline Scanner
Virtual Scanner
External (Internet-based) Scanner
Internal Scanner

34-What phase or step of the Qualys Vulnerability Management Lifecycle produces scan results containing vulnerability findings?
Choose an answer:
Report
Discover
Remediate
Assess

35-What is the default number of "Host Discovery" TCP ports?
Choose an answer:
13
1900
180
20

36-Which module does a Qualys Scanner Appliance load to determine the LIVE/DEAD status of targeted hosts?
Choose an answer:
OS Detection
Service Detection
Port Scanning
Host Discovery

37-What does it mean when a "blue key" icon is associated with a QID in the Qualys KnowledgeBase?
Choose an answer:
The QID has a known exploit
A patch is available for the QID
The QID has been edited
Authentication is required for successful QID testing

38-What are the different types of vulnerability identifiers found in the Qualys KnowledgeBase? (choose 3)
Choose all that apply:
Host ID
Bugtraq ID
CVE ID
QID

Which Qualys sensors collect the type of data needed to perform vulnerability assessments? (select all that apply)
Scanner appliances are one type of sensor that Qualys provides to collect security and compliance data. You can use appliances to perform vulnerability scans and compliance scans, depending on your subscription setup.

How do you identify vulnerability scanning?
A vulnerability scan only identifies vulnerabilities, while a penetration tester digs deeper to identify the root cause of the vulnerability that allows access to secure systems or stored sensitive data. The pen tester also looks for business logic vulnerabilities that might be missed by an automatic scanner.

What is a vulnerability scan report?
A vulnerability scan is an automated, high-level test that looks for and reports potential known vulnerabilities. For example, some vulnerability scans are able to identify over 50,000 unique external and/or internal weaknesses (i.e., different ways or methods that hackers can exploit your network).

What can we determine by scanning for vulnerabilities with a vulnerability scanner?
Network-based scanners
Network-based scanners discover unknown or unauthorized devices and systems on a network, and help determine whether there are unknown perimeter points on the network, such as unauthorized remote access servers or connections to insecure networks of business partners.