What does it mean when a pencil icon is associated with a QID in the

QualysGuard KnowledgeBase?
There is malware associated with the QID
A patch is available for the QID
The QID has been edited
The QID has a known exploit

Which of the following are components or processes of an asset discovery map?

(choose all that apply)
Device Identification
Vulnerability Detection
Network Discovery
Host Discovery

What is the maximum number of service detection tests used by the Service
Detection Module?
600
20
13
512

A search list contains a list of

Applications
QIDs
Asset Groups
Host Assets

Why is it important to set the Business Impact of an Asset Group?

Business Impact illustrates the overall risk of the organization when doing Patch
Reporting
There is no reason to set a Business Impact, it is optional and rarely used
The default setting is all that is needed, Business Impact doesn't change reports
Qualys cannot determine the importance of an asset to an individual organization

To produce a scan report that includes all of the cumulative scan data in your
subscription, you should select the _______________ option in the Scan Report
Template.
Static
Host Based Findings
Scan Based Findings
Dynamic

Which item is NOT mandatory for launching a vulnerability scan?

Authentication Record
Option Profile

Scanner Appliance
Target Hosts

Multiple Remediation Policies are evaluated:

In no specific order
From bottom to top
From top to bottom
Based on the rule creation date

If a host IP has not been scanned in over 30 days, and the host is in a DHCP
environment, what should be done to ensure data integrity?
Map the hosts to ensure they are alive
Keep all scans that are over 6 months old to ensure the data is accurate
Purge Host data, to clear vulnerabilities associated with the IP Address
Close all remediation tickets as they probably are all fixed now

What are some ways to add security to a users account?

Require the user answer security questions when logging in
Activate VIP as an added second factor for authenticating to QualysGuard
Require passwords to expire after a certain amount of time
Lock accounts after a certain amount of failed login attempts
Allow access to QualysGuard only when the user is coming from a particular IP address

What is required in order for QualysGuard to generate remediation tickets?

(choose all that apply)
A Remediation Report needs to be run
Scan Results need to be processed by QualysGuard
A Policy needs to be created
A Map needs to be run

Map results are an excellent source for... (choose all that apply)
Adding Hosts to the Approved Hosts list
Building Asset Groups
Creating Option Profiles
Adding Hosts to QualysGuard Subscription
Making Report Templates
Creating Search Lists

As a Manager in QualysGuard, which activities can be scheduled?

Asset Searches
Maps
Reports
Updates to the KnowledgeBase
Scans

The information contained in a map result can help network administrators to

identify _______________ devices.
Exploitable
Rogue (unapproved)
Unpatched
Vulnerable

To launch a successful map, you must provide the following

information/components. (choose all that apply)
Report Template
Option Profile
Domain/Netblock
Search List
Title

What is the 6-step lifecycle of QualysGuard Vulnerability Management?

Mapping, Scanning, Reporting, Remediation, Simplification, Authentication
Learning, Listening, Permitting, Forwarding, Marking, Queuing
Discovery, Prioritizing, Assessing, Reporting, Remediating, Verifying
Bandwidth, Delay, Reliability, Loading, MTU, Up Time

Which of the following types of items can be found in the QualysGuard

KnowledgeBase? (choose all that apply)

Search Lists
Potential Vulnerabilities
Configuration data (Information Gathered)
Asset Groups
Vulnerabilities

Search Lists can be applied to which other QualyGuard components? (choose all
that apply)
Remediation Policies
Report Templates
Option Profiles
Authentication Records

Which Vulnerability Detail (found in a Scan Template) identifies the data or

information collected and returned by the QualysGuard scanner appliance?
Results
Impact
Solution
Compliance
Threat

The Asset Search tab can be used to... (choose all that apply)
Find assets in our environment with a specific vulnerability

Construct Search Lists

Build Asset Groups
Create Report Templates
Create Option Profiles

To exclude a specific QID/vulnerability from a vulnerability scan you would:

You cannot exclude QID/Vulnerabilities from vulnerability scans.
Ignore the vulnerability from within an integrated workflow report.
Disable the QID in the QualysGuard KnowledgeBase.
Place the QID in a saved search list, and exclude that search list within the
Vulnerability Detection section of the option profile.

By default, the first user added to a new Business Unit becomes a ____________
for that unit.
Administrator
Reader
Unit Manager
Contact
Scanner

What purpose do Option Profiles serve?

Option Profiles allow for customization of the entire host discovery, mapping and
scanning process as well as customization of several performance options

Option Profiles are not permitted when scanning

Option Profiles are created to enable Report Templates to filter specific QIDs from
displaying on reports
Option Profile customization is not required when Authentication is required

What report is provided by Qualys, by default, as a way of finding the most

vulnerable hosts in our environment?
Report using a Search List containing Information Gathered QIDs only
Most Vulnerable Hosts Report - Scorecard Report
Host Vulnerability Matrix Template
Map Report

Which of the following items are used to calculate the Business Risk score for a
particular asset group? (choose all that apply)
CVE ID
Security Risk
Business Impact
CVSS Base

About how many TCP ports are scanned when using Standard Scan option?
65535
20
10

1900

What is the maximum number of TCP ports that can participate in the Host
Discovery process?
65535
20
10
1900

Which of the following is NOT a component of a vulnerability scan?

Device Identification
Host Discovery
DNS Brute Force
Port Scanning

In order to successfully perform an authenticated (trusted) scan, you must create

a(n):
Asset Map
Search List
Report Template
Authentication Record

To produce a scan report that includes the results from a specific scan that
occurred at a specific point in time, you should select the _______________
option in the Report Template.
Static
Host Based Findings
Scan Based Findings
Dynamic

What does the S in the ASLN section of Map Results really mean?
Scannable, it means the IP is currently in the subscription
Scanning, the IP is currently being scanned
Safe
Scanned, this IP has been scanned in the past

What does the "Import from Library" function do, in the Report Templates tools
section of the UI?
Can enable faster Asset Searches

This function has been deprecated

Allows for Qualys users to download commonly used report templates,

this saves time because the user doesn't have to develop his/her own
Report Template
Creates a special report template called Library

A half-red/half-yellow QID in the QualysGuard KnowledgeBase will typically appear

as a confirmed vulnerability (red) within the scan results, with the inclusion of this
scan option.
Authentication

Share Enumeration

Scan Dead Hosts

Authoritative Option

Which of the following components are included in the raw scan results, assuming
you do not apply a Search List to your Option Profile? (choose all that apply)
Information Gathered

Option Profile Settings

Vulnerabilities

Host IP

Potential Vulnerabilities

What scanning option allows QualysGuard to get a more accurate reading of the
host operating system?
Authentication

Load Balancer Detection

Scan Dead Hosts

Authoritative Option

Which of the following mapping/scanning options is enabled by default?

Perform Live Host Sweep

Ignore all TCP RST packets

Ignore firewall-generated TCP SYN-ACK packets

Ignore firewall-generated TCP RST packets

What type of Search List adds new QIDs to the list when the QualysGuard
KnowledgeBase is updated?
Static

Dynamic

Passive

Active

Which of the following vulnerability scanning options requires the use of a

dissolvable agent?

Windows Share Enumeration

Scan Dead Hosts

UDP port scanning

TCP port scanning