Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home VMware 5V0-91.20

VMware 5V0-91.20 Exam Practice Questions (P. 2)

  • Full Access (56 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
A Carbon Black administrator received an alert for an untrusted hash executing in the environment.
Which two information items are found in the alert pane? (Choose two.)
  1. A
    Launch Live Query
  2. B
    Launch process analysis
  3. C
    User quarantine
  4. D
    Add hash to banned list
  5. E
    IOC short name

Correct Answer:
AB

Question #7
An administrator observes the following event detail in the Investigate tab for an application with an unknown reputation making network connections:

Upon further review of the event details returned, the reputation is observed as NOT_LISTED, and the applied (cloud) reputation is UNKNOWN.
Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED?
  1. A
    The sensor demoted the local reputation from UNKNOWN to NOT_LISTED based on the coud reputation.
  2. B
    NOT_LISTED was applied by the sensor after observing no cloud reputation, as evidenced by the applied cloud reputation UNKNOWN.
  3. C
    The application was UNKNOWN at the time of the event but then later determined to be NOT_LISTED.
  4. D
    The sensor demoted the local reputation from NOT_LISTED to UNKNOWN based on the cloud reputation.

Correct Answer:
C

Question #8
In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues or removing the agent? (Choose two.)
  1. A
    From the Computer Details page on the web console
  2. B
    From the Files on Computers page on the web console
  3. C
    Run authenticated DasCLI on Windows command prompt
  4. D
    Run RepCLI on Windows command prompt
  5. E
    From the File Catalog page on the web console

Correct Answer:
AC
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/App-Control-How-to-Disable-Enable-Tamper-Protection/ta-p/37220

Question #9
Which Sensor Status under Endpoint Health indicates that a system's policy enforcement is disabled, and the sensor is not sending security event data to the cloud?
  1. A
    Quarantined
  2. B
    Deregistered
  3. C
    Inactive
  4. D
    Bypass

Correct Answer:
D
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/CB-Defense-What-Happens-When-Bypass-has-been-Enabled-on-the/ta-p/74905

Question #10
An Enterprise EDR administrator has created a custom Watchiist and wants to add a custom query to a report in the custom Watchiist.
From which page can the administrator add this custom query?
  1. A
    Policies
  2. B
    Watchlists
  3. C
    Investigate
  4. D
    Cloud Analysis

Correct Answer:
C
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwih0bWU4oLvAhX-UBUIHVBDDSUQFjAAegQIAhAD&url=https%
3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F1913%2F18%2FEnterprise%2520EDR%
2520Getting%2520Started.pdf&usg=AOvVaw2_M7opfEgUaIIfutBZChvk

Previous Questions Next Questions

All Pages