CIS-VR Online Practice Questions and Answers

What is the minimum role required to create and change Service Level Agreements for Vulnerability Response groups?

A. sla_manager

B. admin

C. sn_vul.vulnerability_write

D. sn_vul.admin

Which module is used to adjust the frequency in which CVEs are updated?

A. NVD Auto-update

B. Update

C. CVE Auto-update

D. On-demand update

Vulnerability Response can be best categorized as a ____________, focused on identifying and remediating vulnerabilities as early as possible.

A. A proactive process

B. An iterative process

C. A tentative process

D. A reactive process

What Business Rule creates a Configuration Item from a Vulnerable Item record?

A. Create CI from Vulnerable Group Details

B. Create CI from Closed Item Details

C. Determine CI from Network Details

D. Create CI from Vulnerable Item Details

Ignoring a Vulnerable Item:

A. Permanently removes the item from the list of Active Vulnerable Items

B. Move the item to the Slushbucket

C. Has no impact on the list of Active Vulnerable Items

D. Temporarily removes the item from the list of Active Vulnerable Items

Best Practices dictate that when creating a Change task from a Vulnerable Item, which of the following fields should be used for assigning the Assigned To field on the Change task?

A. Assigned To on Vulnerable Item

B. Managed By on CMDB_CI

C. Assigned To on CMDB_CI Record

D. Best Practice does not dictate a specific field

When an approval is rejected for a Vulnerable Item exception, what happens to the State field for that record?

A. It reverts to `Analysis'

B. It is set to `New'

C. It is set to `In Review'

D. It will be set back to its previous value

Which of the following best describes a Vulnerability Group?

A. Groups VIs using a Filter against Vulnerable Item Fields

B. A Filter defining a sub-set of CIs to be treated as a group

C. The User Group assigned to resolving the Vulnerable Item

D. Must have a corresponding filter group

Which of the following is the property that controls whether Vulnerability Groups are created by default based on Vulnerabilities in the system?

A. sn_vul.autocreate_vul_centric_group

B. sn_vul.autocreate_groups

C. sn_vul.autocreate_vul_grouping

D. sn_vul.create_default_vul_groups

What type of data would the CIO/CISO want on the dashboard?

A. Aggregations for priority and workload

B. Drill-down to granularity

C. Single, clear indicators of organizational health

D. Up to the minute views