QUALYS FINAL PAPER PRACTICE SOLUTION 2026 TESTED QUESTIONS
GUARANTEED TO PASS, Exams of Information and Communications
Technology (ICT)
1. Which of the following best describes the recommended process for
achieving the PCI DSS 11.2.2 external scanning requirement? -
ANSWERA)Scan, Remediate, Report
2. Sensitive authentication data should never be: - ANSWERB)Stored
3. PCI Security Standards Council is made up of: - ANSWERA)Major Credit
Card Companies
4. The "stakeholder that is required to hold the Scan Customer responsible
for compliance is: - ANSWERD)QSA
5. vulnerability scan report that was created using the PCI Scan Report
Template (in Qualys VM), will display each detected vulnerability, along with
its______________. - ANSWERA)PASS/FAIL status
6. PCI DSS 11.2.1 (internal scanning) requires the resolution of_________
vulnerabilities. - ANSWERB)High-risk
, 7. When viewing vulnerability details from an external PCI scan, you can view
the following data (choose 3): - ANSWERA)solution
B)results
D)threat
8. Which PCI DSS "Stakeholder" does Qualys represent? -
ANSWERA)Approved Scanning Vendor (ASV)
9. Which of the twelve (12) PCI DSS requirements are covered or addressed
by the Qualys PCI Compliance application? (choose 3) - ANSWERA)6
C)1
D11
10. Automated "Fault Injection" testing can typically detect ___________of
Web application vulnerabilities. - ANSWERD)80 to 85%
11. Cardholder Data includes (choose 2): - ANSWERA)Cardholder name
C)Primary Account number
12. The stakeholders who are part of the external scanning requirement of
PCI are (choose all that apply): - ANSWERB)Scan Customer
C)Payment Brands
D)Approved Scanning Vendor
GUARANTEED TO PASS, Exams of Information and Communications
Technology (ICT)
1. Which of the following best describes the recommended process for
achieving the PCI DSS 11.2.2 external scanning requirement? -
ANSWERA)Scan, Remediate, Report
2. Sensitive authentication data should never be: - ANSWERB)Stored
3. PCI Security Standards Council is made up of: - ANSWERA)Major Credit
Card Companies
4. The "stakeholder that is required to hold the Scan Customer responsible
for compliance is: - ANSWERD)QSA
5. vulnerability scan report that was created using the PCI Scan Report
Template (in Qualys VM), will display each detected vulnerability, along with
its______________. - ANSWERA)PASS/FAIL status
6. PCI DSS 11.2.1 (internal scanning) requires the resolution of_________
vulnerabilities. - ANSWERB)High-risk
, 7. When viewing vulnerability details from an external PCI scan, you can view
the following data (choose 3): - ANSWERA)solution
B)results
D)threat
8. Which PCI DSS "Stakeholder" does Qualys represent? -
ANSWERA)Approved Scanning Vendor (ASV)
9. Which of the twelve (12) PCI DSS requirements are covered or addressed
by the Qualys PCI Compliance application? (choose 3) - ANSWERA)6
C)1
D11
10. Automated "Fault Injection" testing can typically detect ___________of
Web application vulnerabilities. - ANSWERD)80 to 85%
11. Cardholder Data includes (choose 2): - ANSWERA)Cardholder name
C)Primary Account number
12. The stakeholders who are part of the external scanning requirement of
PCI are (choose all that apply): - ANSWERB)Scan Customer
C)Payment Brands
D)Approved Scanning Vendor
