QUALYS VMDR TRAINING CERTIFICATION SCRIPT 2026
QUESTIONS WITH SOLUTIONS GRADED A+
● What are the features of the Patch Management (PM) application. Answer: What are
the steps for Patch Management as a response to vulnerability findings
● What is asset management?. Answer: Step 1 in the VMDR lifecycle
● What is vulnerability management?. Answer: Step 2 in the VMDR lifecycle
● What is threat detection and prioritization?. Answer: Step 3 in the VMDR lifecycle
● What is response (patch deployment?). Answer: Step 4 in the VMDR lifecycle
● What should you ask your business, IT, and security managers regarding
cyberhygine?. Answer: 1. Do we know what assets we have and what is connected to our
systems and networks? 2. Do we know what's running (or trying to run) on our systems and
networks? 3. Are we limiting and managing the number of people with administrative
privileges to change, bypass, or override the security settings on our systems and networks?
4. Do we have in place continuous processes backed by security technologies that would
allow us to prevent most breaches, rapidly detect all that do succeed, and minimize damage
to our business and our customers? 5. Can we demonstrate that we have an effective
monitoring strategy in place to our Board, our shareholders, and customers today?
● What are the major steps to take in "Inventory and Control Enterprise Assets?".
Answer: 1. Establish and Maintain Detailed Enterprise Asset Inventory 2. Address
Unauthorized Assets
● What are the major steps to take in "Inventory and Control Software Assets?".
Answer: 1. Establish and Maintain a Software Inventory 2. Ensure Authorized Software Is
Currently Supported 3. Address Unauthorized Software
● What are the major steps to take in "Protect Data?". Answer: 1. Establish and Maintain
a Data Management Process 2. Establish and Maintain a Data Inventory 3. Configure Data
Access Control Lists 4. Enforce Data Retention 5. Securely Dispose of Data 6. Encrypt Data
on End-User Devices
QUESTIONS WITH SOLUTIONS GRADED A+
● What are the features of the Patch Management (PM) application. Answer: What are
the steps for Patch Management as a response to vulnerability findings
● What is asset management?. Answer: Step 1 in the VMDR lifecycle
● What is vulnerability management?. Answer: Step 2 in the VMDR lifecycle
● What is threat detection and prioritization?. Answer: Step 3 in the VMDR lifecycle
● What is response (patch deployment?). Answer: Step 4 in the VMDR lifecycle
● What should you ask your business, IT, and security managers regarding
cyberhygine?. Answer: 1. Do we know what assets we have and what is connected to our
systems and networks? 2. Do we know what's running (or trying to run) on our systems and
networks? 3. Are we limiting and managing the number of people with administrative
privileges to change, bypass, or override the security settings on our systems and networks?
4. Do we have in place continuous processes backed by security technologies that would
allow us to prevent most breaches, rapidly detect all that do succeed, and minimize damage
to our business and our customers? 5. Can we demonstrate that we have an effective
monitoring strategy in place to our Board, our shareholders, and customers today?
● What are the major steps to take in "Inventory and Control Enterprise Assets?".
Answer: 1. Establish and Maintain Detailed Enterprise Asset Inventory 2. Address
Unauthorized Assets
● What are the major steps to take in "Inventory and Control Software Assets?".
Answer: 1. Establish and Maintain a Software Inventory 2. Ensure Authorized Software Is
Currently Supported 3. Address Unauthorized Software
● What are the major steps to take in "Protect Data?". Answer: 1. Establish and Maintain
a Data Management Process 2. Establish and Maintain a Data Inventory 3. Configure Data
Access Control Lists 4. Enforce Data Retention 5. Securely Dispose of Data 6. Encrypt Data
on End-User Devices
