Need answers to posted Ques CIS VR prep
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi , need help! please provider answers to the questions below, please dont just search them on net as that I have already done try to provide answer explanation/source to if possible.
Q1.
To ensure that Vulnerabilities are processed correctly, you can define a Service Level Agreement (SLA) for Vulnerability Response. To achieve this, you would: (C or D)
A. Create a custom workflow to monitor the time between States
B. Log in as a system admin, and using the globally scoped baseline SLA Modules
C. Have the role of Vulnerability admin, but only in the Vulnerability Scope
D. Make sure you have at least the sn_vul.vulnerability_write role and using the baseline SLA Application Modules
Q2.
The Vulnerability Admin role (sn_vul.admin) can modify Vulnerability Application Properties and can be delegated to the following role(s):
A. ServiceNow Security Operations Admin (sn_sec.admin)
B. Security Admin (security.admin)
C. Vulnerability Response Admin (sn_vul_resp.admin)
D. All of the above
Q3.
Approvals within the Vulnerability Application are created based on:
A. The sys_approval and the and the sn_vul_vulnerable_item tables
B. The sn_vul_vulnerable_item and sn_vul_vulnerability tables
C. The sn_vul_change_approval table
D. Ths sys_approval table
Q4.
In regard to the Security Operations Process, which of the following statements defines the "identify" phase?
A. What processes and assets need protection?
B. What techniques can identify incidents?
C. What safeguards are available?
D. What techniques can restore capabilities?
E. What techniques can contain impacts of incidents?
Q5.
Which of the following best describes the Vulnerable item State Approval Workflow?
A. It is read-only, you can only change the Assignment Group members for the approval
B. It exists in the Security Operations Common scope so it can be modified by any Security Operations Admin
C. It can only be modified by System Adminstrators
D. It runs against the [sn_vul_change_approval] table
Q6.
When an approval is rejected for a Vulnerable Item exception, what happens to the State field for that record?
A. It reverts to 'Analysis'
B. It is set to 'New'
C. It is set to 'In Review'
D. It will be set back to its previous value
Q7.
Qualys asset tags can be loaded into a table related to the configuration item and used to support business processes or reporting. Set the Qualys Host parameter of asset_tags to a value of ___ to have asset tag information from Qualys be included in the XML payload.
A. 1
B. 3
C. 2
D. 0
Q8.
After closing the Vulnerable Item (VI), it is recommended to:
A. Update the values in the Vulnerability Score Indicator (VSl) based on the criticality of the Vulnerability.
B. The VI remains active and in place until the Scanner rescans and closes the VI.
C. Mark the CI as exempt from the Vulnerability if the vulnerability was remediated.
D. Compare the Vulnerability with subsequent scans.
Q9.
Which of the following can NOT be used for building Vulnerability Groups?
A. Vulnerability
B. Filter Groups
C. Condition Builder
D. Advanced Scripts
Q10.
What Business Rule creates a Configuration Item from a Vulnerable Item record?
A. Create CI from Vulnerable Group Details
B. Create CI from Closed Item Details
C. Determine CI from Network Details
D. Create CI from Vulnerable item Details
Q11.
In order for Vulnerability admins to configure integrations, they must have the following Role(s):
A. admin only
B. sn_vul.admin only
C. sn_vul.vulnerability_write
D. admin and sn_vul_qualys.admin
