Qualys Reporting Strategies and Best
Practices Exam Questions With
Complete Solutions
In the patch report template, which evaluation provides the most accurate patches that
need to be installed?
(A) Superseded patch evaluation
(B) Latest patch evaluation
(C) QID based patch evaluation
(D) Classic patch evaluation - CORRECT ANSWER (A) Superseded patch
evaluation
Which scorecard report type allows you to identify hosts that are missing required
patches and software?***
(A) Patch report
(B) Vulnerability scorecard report
(C) Missing software report
(D) Asset Search Report - CORRECT ANSWER (A) Patch report
Which of the following scenarios can lead to gaps in the patch tree structure and break
the patch supersedence logic? Select all that apply.
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(B) Cloud Agent data collection followed by an authenticated scan
(C) Scan job with a custom vulnerability filter
(D) Unauthenticated scan
(E) Cloud Agent scan - CORRECT ANSWER (A) Scan report with vulnerability
search list or Threat Protection RTI filter
(C) Scan job with a custom vulnerability filter
Identify the vulnerability types excluded by default in the VM/VMDR Dashboard. Select
all that apply.***
(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
(C) Vulnerabilities without exploits
(D) Low severity vulnerabilities
(E) Vulnerabilities without patches - CORRECT ANSWER (A) Fixed
vulnerabilities
(B) Disabled or Ignored vulnerabilities
The ____________ vulnerability type is enabled by default in a new report template.
(A) Confirmed
This study source was downloaded by 100000869267694 from CourseHero.com on 10-24-2023 08:41:55 GMT -05:00
https://www.coursehero.com/file/209147349/stuvia-38pdf/
, Qualys Reporting Strategies and Best
Practices Exam Questions With
Complete Solutions
(B) Potential
(C) Patched
(D) Information Gathered - CORRECT ANSWER (B) Potential
Stale asset and vulnerability data can affect your security risk and business risk
calculations. ***
(A) False
(B) True - CORRECT ANSWER (B) True
Adding non-Qualys user's email in the distribution group helps you distribute the
scheduled report to such users. ***
(A) True
(B) False - CORRECT ANSWER (A) True
When using host-based findings, which of these needs to be turned on to toggle the
inclusion of Fixed vulnerabilities in the report?***
(A) Trending
(B)
(C)
(D) - CORRECT ANSWER (A) Trending
Which finding type allows you to include trending data in your reports?***
(A) Scanner based findings
(B) San-based finding
(C) Cloud Agent-based findings
(D) Host-based findings - CORRECT ANSWER (D) Host-based findings
Threat Protection RTIs are used in the___________ in VMDR to identify the potential
impact of discovered vulnerabilities, as well as vulnerabilities that have known or
existing threats. ***
(A) Prioritization report
(B) Remediation report
(C) Scorecard report
(D) Patch report - CORRECT ANSWER (A) Prioritization report
Identify the factor from the following that does not affect the report generation
process.***
This study source was downloaded by 100000869267694 from CourseHero.com on 10-24-2023 08:41:55 GMT -05:00
https://www.coursehero.com/file/209147349/stuvia-38pdf/
Practices Exam Questions With
Complete Solutions
In the patch report template, which evaluation provides the most accurate patches that
need to be installed?
(A) Superseded patch evaluation
(B) Latest patch evaluation
(C) QID based patch evaluation
(D) Classic patch evaluation - CORRECT ANSWER (A) Superseded patch
evaluation
Which scorecard report type allows you to identify hosts that are missing required
patches and software?***
(A) Patch report
(B) Vulnerability scorecard report
(C) Missing software report
(D) Asset Search Report - CORRECT ANSWER (A) Patch report
Which of the following scenarios can lead to gaps in the patch tree structure and break
the patch supersedence logic? Select all that apply.
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(B) Cloud Agent data collection followed by an authenticated scan
(C) Scan job with a custom vulnerability filter
(D) Unauthenticated scan
(E) Cloud Agent scan - CORRECT ANSWER (A) Scan report with vulnerability
search list or Threat Protection RTI filter
(C) Scan job with a custom vulnerability filter
Identify the vulnerability types excluded by default in the VM/VMDR Dashboard. Select
all that apply.***
(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
(C) Vulnerabilities without exploits
(D) Low severity vulnerabilities
(E) Vulnerabilities without patches - CORRECT ANSWER (A) Fixed
vulnerabilities
(B) Disabled or Ignored vulnerabilities
The ____________ vulnerability type is enabled by default in a new report template.
(A) Confirmed
This study source was downloaded by 100000869267694 from CourseHero.com on 10-24-2023 08:41:55 GMT -05:00
https://www.coursehero.com/file/209147349/stuvia-38pdf/
, Qualys Reporting Strategies and Best
Practices Exam Questions With
Complete Solutions
(B) Potential
(C) Patched
(D) Information Gathered - CORRECT ANSWER (B) Potential
Stale asset and vulnerability data can affect your security risk and business risk
calculations. ***
(A) False
(B) True - CORRECT ANSWER (B) True
Adding non-Qualys user's email in the distribution group helps you distribute the
scheduled report to such users. ***
(A) True
(B) False - CORRECT ANSWER (A) True
When using host-based findings, which of these needs to be turned on to toggle the
inclusion of Fixed vulnerabilities in the report?***
(A) Trending
(B)
(C)
(D) - CORRECT ANSWER (A) Trending
Which finding type allows you to include trending data in your reports?***
(A) Scanner based findings
(B) San-based finding
(C) Cloud Agent-based findings
(D) Host-based findings - CORRECT ANSWER (D) Host-based findings
Threat Protection RTIs are used in the___________ in VMDR to identify the potential
impact of discovered vulnerabilities, as well as vulnerabilities that have known or
existing threats. ***
(A) Prioritization report
(B) Remediation report
(C) Scorecard report
(D) Patch report - CORRECT ANSWER (A) Prioritization report
Identify the factor from the following that does not affect the report generation
process.***
This study source was downloaded by 100000869267694 from CourseHero.com on 10-24-2023 08:41:55 GMT -05:00
https://www.coursehero.com/file/209147349/stuvia-38pdf/
