VMware 5V0-91.20 VMware Carbon Black Portfolio Skills Exam Practice Test

Which Sensor Status under Endpoint Health indicates that a system's policy enforcement is disabled, and the sensor is not sending security event data to the cloud?

An administrator runs multiple queries on tables and combines the results after the fact to correlate dat

a. The administrator needs to combine rows from multiple tables based on data from a related column in each table.

Which SQL statement should be used to achieve this goal?

Refer to the exhibit, noting the circled red dot:

What is the meaning of the red dot under Hits in the Process Search page?

A Carbon Black administrator received an alert for an untrusted hash executing in the environment.

Which two information items are found in the alert pane? (Choose two.)

Which identifier is shared by all events when an alert is investigated?

An administrator needs to manage a group of sensors from within the console.

Which three actions are available for sensors within the Sensor Group? (Choose three.)

Review the following query:

path:c:\program\ files\ \(x86\)\microsoft

How would this query input term be interpreted?