SecOps Fundamentals Module 1:
Security Operations Overview Exam
Actual Questions and Answers 2026
How are Vulnerabilities addressed through further actions? -
correct answer ✅• Create a security incident - raise a SIR record
for further analysis.
• Create a problem record -raise a PRB for more detailed
investigation.
• Raise a change -jump directly to some remediation action.
• Do nothing -raise an exception to document the "no further
action" approach.
What role is required to view the VR Overview module? -
correct answer ✅sn_vul.vulnerability_read
sn_vul.vulnerability_write
What is the difference between CVE and CWE? -
correct answer ✅Common Weakness Enumeration (CWE) is a
directory of weaknesses (flaws) that have been found.
Common Vulnerabilities and Exposures (CVE) are the specific
system or software that is potentially impacted by a CWE.
, SecOps Fundamentals Module 1:
Security Operations Overview Exam
Actual Questions and Answers 2026
What is CWE? -
correct answer ✅Common Weakness Enumeration (CWE) is a
universal online dictionary of weaknesses (flaws) that have been
found in code, design, or system architecture. This is the "system
flaw" NOT a specific instantiation of a vulnerability in a specific
system/software.
What is CVE? -
correct answer ✅Common Vulnerabilities and Exposures (CVE) is a
catalog of known security threats. Threats are divided into two
categories: vulnerabilities and exposures relate to a specific system
or software. NOT the flaw that is causing the vulnerability/exposure
What are the third party scanners? -
correct answer ✅Qualys, Tenable and Rapid7.
What happens with scanners? -
correct answer ✅When detections are found by these scanners
then the device found by the scanner is matched to a CI in the
CMDB. If a match cannot be made, then a temporary CI is created.
A Vulnerable Item record is created from the scanner record.
Security Operations Overview Exam
Actual Questions and Answers 2026
How are Vulnerabilities addressed through further actions? -
correct answer ✅• Create a security incident - raise a SIR record
for further analysis.
• Create a problem record -raise a PRB for more detailed
investigation.
• Raise a change -jump directly to some remediation action.
• Do nothing -raise an exception to document the "no further
action" approach.
What role is required to view the VR Overview module? -
correct answer ✅sn_vul.vulnerability_read
sn_vul.vulnerability_write
What is the difference between CVE and CWE? -
correct answer ✅Common Weakness Enumeration (CWE) is a
directory of weaknesses (flaws) that have been found.
Common Vulnerabilities and Exposures (CVE) are the specific
system or software that is potentially impacted by a CWE.
, SecOps Fundamentals Module 1:
Security Operations Overview Exam
Actual Questions and Answers 2026
What is CWE? -
correct answer ✅Common Weakness Enumeration (CWE) is a
universal online dictionary of weaknesses (flaws) that have been
found in code, design, or system architecture. This is the "system
flaw" NOT a specific instantiation of a vulnerability in a specific
system/software.
What is CVE? -
correct answer ✅Common Vulnerabilities and Exposures (CVE) is a
catalog of known security threats. Threats are divided into two
categories: vulnerabilities and exposures relate to a specific system
or software. NOT the flaw that is causing the vulnerability/exposure
What are the third party scanners? -
correct answer ✅Qualys, Tenable and Rapid7.
What happens with scanners? -
correct answer ✅When detections are found by these scanners
then the device found by the scanner is matched to a CI in the
CMDB. If a match cannot be made, then a temporary CI is created.
A Vulnerable Item record is created from the scanner record.