VMware 5V0-91.20 VMware Carbon Black Portfolio Skills Exam Practice Test

Page: 1 / 14
Total 116 questions
Question 1

An administrator needs to query all endpoints in the HR group for instances of an obfuscated copy of cmd.exe.

Given this Enterprise EDR query:

process_name:cmd.exe AND device_group:HR AND NOT enriched:true

Which example could be added to the query to provide the desired results?



Answer : A


Question 2

Which statement is true about Carbon Black Live Response (CBLR)?



Answer : B


Question 3

Which reputation is processed with the lowest priority for Endpoint Standard?



Answer : B


Question 4

What does the Aggressive setting do when configured in Local Scan Settings?



Answer : C


Question 5

An analyst is investigating a specific alert in Endpoint Standard. The analyst selects the investigate button from the alert triage page and sees the following:

Which statement accurately characterizes this situation?



Answer : D


Question 6

Which Sensor Status under Endpoint Health indicates that a system's policy enforcement is disabled, and the sensor is not sending security event data to the cloud?



Answer : D


Bypass-has-been-Enabled-on-the/ta-p/74905

Question 7

In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent

issues or removing the agent? (Choose two.)



Answer : A, C


Tamper-Protection/ta-p/37220

Page:    1 / 14   
Total 116 questions