QUALYS VMDR TRAINING 2023/ 2024
Exam Review| Questions and Verified
Answers| 100% Correct
Q: What kind of things can a cybercriminal access without VM
Answer:
Personal or credit card info, intellectual property, business secrets. Anything that can be sold on
the black market can be exploited.
Cybercriminals can also use your network as a platform to attack other networks.
Q: Primary objectives of vulnerability managment
Answer:
The primary objectives of VM are to:
bullet
Maintain a database of devices connecting to your network and prioritize how they should be
remediated.
bullet
Compile a list of installed software – your software assets.
bullet
Change software configurations to make them less susceptible to attack.
bullet
Patching and fixing operating system-related security flaws in installed software.
bullet
Alert to additions of new devices, ports, or software to the databases to analyze the changed
attack surface and detect successful attacks.
bullet
Indicate the most effective workflow for patching and updating your devices to thwart attacks.
bullet
Enable the effective mitigation and management of security risks.
bullet
Document the state of security for audit and compliance with laws, regulations, and business
policy.
bullet
Continuously repeat the preceding steps to ensure the ongoing protection of your network
security.
Q: Textbook definition of vulnerability management
Answer:
Systematically and continuously finding and eliminating vulnerabilities in computer systems.
Q: what are some keys to effective continuous VM
Answer:
Identify both internal and external vulnerability
Automatically scan using continually updated database of known attacks
High accuracy, eliminating false positives and false negatives
Generation of concise, actionable, reports.
Provide tested remedies and workarounds for cases where no remedy exists yet
Q: Core components of Qualys VM
Answer:
KnowledgeBase
Security Operations Centers