Qualys Reporting Strategies and
Best Practices (Exam) with
Complete Solutions
In the patch report template, which evaluation provides the most accurate
patches that need to be installed?
(A) Superseded patch evaluation
(B) Latest patch evaluation
(C) QID based patch evaluation
(D) Classic patch evaluation - ANSWER-(A) Superseded patch evaluation
Which scorecard report type allows you to identify hosts that are missing
required patches and software?***
(A) Patch report
(B) Vulnerability scorecard report
,(C) Missing software report
(D) Asset Search Report - ANSWER-(A) Patch report
Which of the following scenarios can lead to gaps in the patch tree structure
and break the patch supersedence logic? Select all that apply.
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(B) Cloud Agent data collection followed by an authenticated scan
(C) Scan job with a custom vulnerability filter
(D) Unauthenticated scan
(E) Cloud Agent scan - ANSWER-(A) Scan report with vulnerability search list
or Threat Protection RTI filter
(C) Scan job with a custom vulnerability filter
Which finding type allows you to include trending data in your reports?***
(A) Scanner based findings
(B) San-based finding
(C) Cloud Agent-based findings
, (D) Host-based findings - ANSWER-(D) Host-based findings
Threat Protection RTIs are used in the___________ in VMDR to identify the
potential impact of discovered vulnerabilities, as well as vulnerabilities that
have known or existing threats. ***
(A) Prioritization report
(B) Remediation report
(C) Scorecard report
(D) Patch report - ANSWER-(A) Prioritization report
Identify the vulnerability types excluded by default in the VM/VMDR
Dashboard. Select all that apply.***
(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
(C) Vulnerabilities without exploits
(D) Low severity vulnerabilities
(E) Vulnerabilities without patches - ANSWER-(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
Best Practices (Exam) with
Complete Solutions
In the patch report template, which evaluation provides the most accurate
patches that need to be installed?
(A) Superseded patch evaluation
(B) Latest patch evaluation
(C) QID based patch evaluation
(D) Classic patch evaluation - ANSWER-(A) Superseded patch evaluation
Which scorecard report type allows you to identify hosts that are missing
required patches and software?***
(A) Patch report
(B) Vulnerability scorecard report
,(C) Missing software report
(D) Asset Search Report - ANSWER-(A) Patch report
Which of the following scenarios can lead to gaps in the patch tree structure
and break the patch supersedence logic? Select all that apply.
(A) Scan report with vulnerability search list or Threat Protection RTI filter
(B) Cloud Agent data collection followed by an authenticated scan
(C) Scan job with a custom vulnerability filter
(D) Unauthenticated scan
(E) Cloud Agent scan - ANSWER-(A) Scan report with vulnerability search list
or Threat Protection RTI filter
(C) Scan job with a custom vulnerability filter
Which finding type allows you to include trending data in your reports?***
(A) Scanner based findings
(B) San-based finding
(C) Cloud Agent-based findings
, (D) Host-based findings - ANSWER-(D) Host-based findings
Threat Protection RTIs are used in the___________ in VMDR to identify the
potential impact of discovered vulnerabilities, as well as vulnerabilities that
have known or existing threats. ***
(A) Prioritization report
(B) Remediation report
(C) Scorecard report
(D) Patch report - ANSWER-(A) Prioritization report
Identify the vulnerability types excluded by default in the VM/VMDR
Dashboard. Select all that apply.***
(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
(C) Vulnerabilities without exploits
(D) Low severity vulnerabilities
(E) Vulnerabilities without patches - ANSWER-(A) Fixed vulnerabilities
(B) Disabled or Ignored vulnerabilities
