CIS-VR Sample Questions Answers

Create a custom workflow to monitor the time between States

Log in as a system admin, and using the globally scoped baseline SLA Modules

Have the role of Vulnerability admin, but only in the Vulnerability Scope

Make sure you have at least the sn_vul.vulnerability_write role and using the baseline SLA Application Modules

com.snc.threat.intelllgence

com.snc.vulnerability

com.snc.threat.feeds

com.snc.securityjncident

National Vulnerability Database (NVD)

Common Vulnerability and Exposure (CVE)

National Institute of Science and Technology (NIST)

Common Weaknesses Enumeration (CWE)

Vulnerability Groups

Calculator Group

Filter Group

Vulnerable item Conditions

Mature organizations abandon patching

Patch management and Vulnerability Response are interchangeable terms

Patching is one of many responses to a Vulnerability

As long as you are patching actively. Vulnerability Response isn't necessary

Mark the CI inactive in the CMDB and notify the CI owner

Record the accepted risk and Close/Defer the Vulnerable Item

Deprioritize the Vulnerable item Records (VlT) to push them further down the list so it can be ignored

Add the Cl to the Vulnerability Scanners exclusions Related List