Qualys Guard Policy Compliance Exam Dumps

Hi Friends,

In this post, I will share the complete exam guide for Qualys Guard Policy Compliance you just need to follow the guide to pass this exam all answers are verified. 

Note: All correct answers are highlighted with yellow color.

1.The 'scope' of a policy can be defined using:

Choose an answer:

Search Lists

Both Asset Groups and Asset Tags

Asset Tags

Asset Groups

2.The Security Assessment Questionnaire application provides compliance coverage for __________ controls.

Choose an answer:

Compensating

Technical

Deterrent

Process (Administrative)

3. Which of the following user-defined controls (UDCs) can *only* be used with a Unix host?

Choose an answer:

Registry Value Content Check

File Content Check

File Integrity Check

WMI Query Check 

4. What user role is only usable in the Policy Compliance application?

Choose an answer:

Auditor

Manager

Reader

Scanner

5. Authentication issues can be identified by: (choose two)

Choose an answer:

Creating an Interactive Report

Creating a Scorecard Report

Creating an Authentication Report

Viewing the raw Scan Results

6. Which of the following user-defined controls (UDCs) can *only* be used with a Windows host? (choose two)

Choose an answer:

WMI Query Check

File Integrity Check

File Content Check

Registry Value Content Check

7. Which “Root Delegation” services can be used to perform a Qualys compliance scan? (choose three)

Choose an answer:

Thycotic

Sudo

PowerBroker

Pimsu

8. Which user roles have access to the Policy Compliance application, by default? (choose two)

Choose an answer:

Scanner

Auditor

Manager

Unit Manager

9. A Policy Report displays PASS/FAIL results for each control by comparing the policy's __________ values, to the host's __________ values.

Choose an answer:

approximate, actual

expected, actual

actual, expected

actual, relative

10. The three basic components of every policy are:

Choose an answer:

Benchmarks, frameworks, and regulations

Search Lists, option profiles, and authentication records

Technologies, controls, and assets

Readers, scanners, and auditors

11. What type of report allows you to request an exception for a failed policy control?

Choose an answer:

Interactive Report

Policy Report

Authentication Report

Scorecard Report

12. Which SAQ campaign member(s) participate in a 4-stage workflow? (choose three)

From book

Choose an answer:

Auditor

Recipient

Approver

Reviewer

13. The Auditor role can perform the following tasks within the Policy Compliance application: (Choose three)

Choose an answer:

Run compliance scans

Handle exception requests

Create reports

Edit policies

14. When launching a compliance scan, you must select a: (choose two)

Choose an answer:

Policy name

Scan target

Search List

Compliance Profile

15. Which SAQ campaign member(s) participate in a 3-stage workflow? (choose two)

Choose an answer:

Reviewer

Approver

Auditor

Recipient

16. What policy creation method requires at least one successful compliance scan?

Choose an answer:

Existing Host

Empty Policy

XML File

Policy Library

17. What is the appropriate cardinality for a control that defines a "Prohibited Software" list?

Choose an answer:

Matches

Does Not Contain

Contains

Intersects

18. What policy creation method allows you to use a locked policy which has been reviewed and certified?

Choose an answer:

XML File

Empty Policy

Existing Host

Policy Library

19. Which of the following options are available for creating a policy in Qualys Policy Compliance? (Choose three)

Choose an answer:

Create a policy from an existing host

Create from Scratch

Import one from the Qualys Library

Import policy from a CSV file

20. Which user-defined control (UDC) can be used to enumerate the list of running processes on a Windows host?

Choose an answer:

WMI Query Check

File Integrity Check

Registry Value Content Check

File Content Check

21. Which user-defined control (UDC) will allow you to check the status of the 'PermitRootLogin' setting, on a Unix host?

Choose an answer:

Registry Value Content Check

File Content Check

File Integrity Check

WMI Query Check

22. A Qualys Compliance Scan collects host ‘data points’ which serve as the __________ values for each control test.

Choose an answer:

Approximate

Actual

Relative

Expected

23. If you want to scan an Apache Web Server (running on a Unix host), which of the following authentication records will you need to create?

Choose an answer:

Apache authentication

Windows authentication

Unix authentication

Both Apache and Unix authentication

24. Which of the following is NOT a valid compliance scanning target?

Choose an answer:

Asset Group

IP Address

Asset Tag

Domain Name

25. All user defined controls (UDCs) are numbered __________ and greater.

Choose an answer:

100

1000

10000

100000

26. Which user roles require extended privileges to access the Policy Compliance application? (choose two)

Choose an answer:

Auditor

Scanner

Manager

Reader

27. What type of report provides summary statistics that allow you to compare multiple policies, side-by-side?

Choose an answer:

Interactive Report

Scorecard Report

Policy Report

Authentication Report

28. Which of the following tests can be performed only when the Dissolvable Agent is enabled? (choose three)

Choose an answer:

Windows Directory Search

Windows Share Enumeration

Password Auditing

WMI Query Check

29. Which “Authentication Vault” services can be used to perform a Qualys compliance scan? (Choose two)

Choose an answer:

Cyber-Ark

PowerBroker

Thycotic

Pimsu

30. Which is the only SAQ campaign member to participate in a 2-stage workflow?

Choose an answer:

Auditor

Reviewer

Recipient

Approver




If you still need any support you may contact me at qualysexam@gmail.com