CSAM EXAM WITH QUESTIONS AND
ANSWERS 2025 UPDATE.
Your organization is planning to subscribe to Qualys CSAM. As an IT Manager of your
organization, you are tasked with justifying to your management the benefits of having CSAM in
your Qualys account. Which of the following, in your opinion, rightly represents the benefits of
CSAM? - ANS - It will allow your IT team to view and manage your IT asset inventory from a
single application.
- It will help you identify unmanaged devices in your asset inventory.
- It will allow you to define and track unauthorized software instances in your environment.
Three functions performed on your raw asset data by CyberSecurity Asset Management are
_____________. - ANS - Categorization
- Normalization
- Enrichment
You have been asked to select the sensor that works well for an inventory of assets used by
remote users that aren't always connected to the corporate network. Which option will you
choose? - ANS Cloud Agent
External Attack Surface Management works by ________. - ANS Discovering all domains,
subdomains, subsidiaries
Which of the following are the benefits of the External Attack Surface Management feature in
CSAM? - ANS - Continuous monitoring of your external attack surface
- Discovery of domains, subdomains, and subsidiaries
Passive Sensor works by ________. - ANS Sniffing traffic on the network
Data detected by a Passive Sensor can be merged with an existing asset when it matches the
following: ________. - ANS - IP address & Mac Address
- IP address & Hostname
Qualys categorizes your software inventory by which of the following license types? - ANS -
Open Source
- Commercial
Operating Systems are categorized in CyberSecurity Asset Management with _______ levels of
categorization. - ANS 2
What are the prerequisites to integrate Qualys with ServiceNow CMDB? - ANS - Qualys
subscription with CyberSecurity Asset Management license
- Qualys CMDB Sync or Service Graph Connector app installed in ServiceNow
- CMDB Sync enabled for Qualys account
, Asset Criticality Score is a user-defined score that is applied using _________. - ANS Asset
Tags
Which statements are true about Asset Criticality Score for an asset? - ANS - Is based on highest
aggregated criticality across all tags for an asset
- Score 5 represents the most critical asset
- Can be derived from the Business Criticality score, if assigned to a business app in ServiceNow
CMDB
__________ is the default criticality score assigned to an asset when no score is assigned to any
of the Asset Tags linked to that asset. - ANS 2
In CSAM, _______ is an expression that indicates that a hardware product is no longer serviced
via upgrades, patches, or maintenance. - ANS End-of-Support
Analyze the following statements and identify the statements that apply to software authorization
in CSAM. - ANS - Software is automatically categorized as authorized or unauthorized based on
user-defined rules
- Rule order decides priority while taking effect
- When there is a rule match for software for an asset, no subsequent rules are applied to it
CSAM enhances your software inventory in the platform by telling you when the software is
______. - ANS In the End-of-Life and End-of-Support Stage
Which of the following template is currently available for Compliance reporting in CSAM? -
ANS FedRAMP
You have to set the asset context for identifying security gaps on critical assets using Interactive
Reports. Which of the following options will allow you to do so? - ANS - Asset Support Group
- Asset Criticality
- Asset Tags
Which are the three action types supported for Rule-based Alerts? - ANS - Send to PagerDuty
- Post to Slack
- Send Email (Via Qualys)
Asset Criticality Score is a user-defined score that is applied using _________ . - ANS Asset
Tags
Which sensor gives you an inventory of all your assets deployed in a cloud environment like
AWS using an API call? - ANS Cloud Connector
Qualys categorizes your software inventory by which of the following license types? - ANS -
Commercial
- Open Source
ANSWERS 2025 UPDATE.
Your organization is planning to subscribe to Qualys CSAM. As an IT Manager of your
organization, you are tasked with justifying to your management the benefits of having CSAM in
your Qualys account. Which of the following, in your opinion, rightly represents the benefits of
CSAM? - ANS - It will allow your IT team to view and manage your IT asset inventory from a
single application.
- It will help you identify unmanaged devices in your asset inventory.
- It will allow you to define and track unauthorized software instances in your environment.
Three functions performed on your raw asset data by CyberSecurity Asset Management are
_____________. - ANS - Categorization
- Normalization
- Enrichment
You have been asked to select the sensor that works well for an inventory of assets used by
remote users that aren't always connected to the corporate network. Which option will you
choose? - ANS Cloud Agent
External Attack Surface Management works by ________. - ANS Discovering all domains,
subdomains, subsidiaries
Which of the following are the benefits of the External Attack Surface Management feature in
CSAM? - ANS - Continuous monitoring of your external attack surface
- Discovery of domains, subdomains, and subsidiaries
Passive Sensor works by ________. - ANS Sniffing traffic on the network
Data detected by a Passive Sensor can be merged with an existing asset when it matches the
following: ________. - ANS - IP address & Mac Address
- IP address & Hostname
Qualys categorizes your software inventory by which of the following license types? - ANS -
Open Source
- Commercial
Operating Systems are categorized in CyberSecurity Asset Management with _______ levels of
categorization. - ANS 2
What are the prerequisites to integrate Qualys with ServiceNow CMDB? - ANS - Qualys
subscription with CyberSecurity Asset Management license
- Qualys CMDB Sync or Service Graph Connector app installed in ServiceNow
- CMDB Sync enabled for Qualys account
, Asset Criticality Score is a user-defined score that is applied using _________. - ANS Asset
Tags
Which statements are true about Asset Criticality Score for an asset? - ANS - Is based on highest
aggregated criticality across all tags for an asset
- Score 5 represents the most critical asset
- Can be derived from the Business Criticality score, if assigned to a business app in ServiceNow
CMDB
__________ is the default criticality score assigned to an asset when no score is assigned to any
of the Asset Tags linked to that asset. - ANS 2
In CSAM, _______ is an expression that indicates that a hardware product is no longer serviced
via upgrades, patches, or maintenance. - ANS End-of-Support
Analyze the following statements and identify the statements that apply to software authorization
in CSAM. - ANS - Software is automatically categorized as authorized or unauthorized based on
user-defined rules
- Rule order decides priority while taking effect
- When there is a rule match for software for an asset, no subsequent rules are applied to it
CSAM enhances your software inventory in the platform by telling you when the software is
______. - ANS In the End-of-Life and End-of-Support Stage
Which of the following template is currently available for Compliance reporting in CSAM? -
ANS FedRAMP
You have to set the asset context for identifying security gaps on critical assets using Interactive
Reports. Which of the following options will allow you to do so? - ANS - Asset Support Group
- Asset Criticality
- Asset Tags
Which are the three action types supported for Rule-based Alerts? - ANS - Send to PagerDuty
- Post to Slack
- Send Email (Via Qualys)
Asset Criticality Score is a user-defined score that is applied using _________ . - ANS Asset
Tags
Which sensor gives you an inventory of all your assets deployed in a cloud environment like
AWS using an API call? - ANS Cloud Connector
Qualys categorizes your software inventory by which of the following license types? - ANS -
Commercial
- Open Source
