Vulnerability Management Detection and Response (VMDR) Exam with 100% Correct Answers 2023

Vulnerability Management Detection and Response (VMDR) Exam with 100% Correct Answers 2023 What are the features of the Patch Management (PM) application - Correct Answer - What are the steps for Patch Management as a response to vulnerability findings - Correct Answer - What is asset management? - Correct Answer -Step 1 in the VMDR lifecycle What is vulnerability management? - Correct Answer -Step 2 in the VMDR lifecycle What is threat detection and prioritization? - Correct Answer -Step 3 in the VMDR lifecycle What is response (patch deployment?) - Correct Answer -Step 4 in the VMDR lifecycle What should you ask your business, IT, and security managers regarding cyberhygine? - Correct Answer -1. Do we know what assets we have and what is connected to our systems and networks? 2. Do we know what's running (or trying to run) on our systems and networks? 3. Are we limiting and managing the number of people with administrative privileges to change, bypass, or override the security settings on our systems and networks? 4. Do we have in place continuous processes backed by security technologies that would allow us to prevent most breaches, rapidly detect all that do succeed, and minimize damage to our business and our customers? 5. Can we demonstrate that we have an effective monitoring strategy in place to our Board, our shareholders, and customers today? What are the major steps to take in "Inventory and Control Enterprise Assets?" - Correct Answer -1. Establish and Maintain Detailed Enterprise Asset Invento ry 2. Address Unauthorized Assets What are the major steps to take in "Inventory and Control Software Assets?" - Correct Answer -1. Establish and Maintain a Software Inventory 2. Ensure Authorized Software Is Currently Supported 3. Address Unauthorized Software What are the major steps to take in "Protect Data?" - Correct Answer -1. Establish and Maintain a Data Management Process 2. Establish and Maintain a Data Inventory 3. Configure Data Access Control Lists 4. Enforce Data Retention 5. Securely Dispo se of Data 6. Encrypt Data on End -User Devices What should be addressed during Establish and Maintain a Data Management Process? - Correct Answer -1. What type of data does the university process or store? 2. Where is the data processed or stored? 3. Who h as access to each type of data? What is CIA? - Correct Answer -Confidentiality, Integrity, and Availability What are the steps for secure configuration and baseline image? - Correct Answer -1. Determine the risk classification of the data handled or stored on the asset. 2. Create a security configuration script that sets system security settings to meet the requirements to protect the data used on the asset. 3. Install the base operating system software. 4. Apply appropriate operating system and security pa tches. 5. Install appropriate application software packages, tools, and utilities. 6. Apply appropriate updates to operating systems. Install local customization scripts to this image. 7. Run the security script created earlier to set the appropriate secur ity level. 8. Run a Security Content Automation Protocol (SCAP) compliant tool to record and score the system setting of the baseline image. 9. Perform a security quality assurance test. 10. Save this base image in a secure location. What are the Safeguar ds? - Correct Answer -1. Establish and Maintain a Secure Configuration Process 2.Establish and Maintain a Secure Configuration Process for Network Infrastructure 3. Configure Automatic Session Locking on Enterprise Assets 4. Implement and Manage a Firewall on Servers 5. Implement and Manage a Firewall on End -User Devices: 6. Securely Manage Enterprise Assets and Software: 7. Manage Default Accounts on Enterprise Assets and Software: What are Remote Scanners? - Correct Answer -internet -facing and ideal for sc anning internet -facing assets around the globe. What are Local Scanners? - Correct Answer -deployed on local area networks and commonly scan assets within reserved or private IP address ranges. Can be physical or virtual. What are Qualys Cloud Agents? - Correct Answer -run as a local process on the host they protect.