VMware 5V0-91.20 Exam Practice Questions (P. 4)
- Full Access (56 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #16
A company wants to implement the strictest security controls for computers on which the software seldom changes (i.e., servers or single-purpose systems).
Which Enforcement Level is the most fitting?
Which Enforcement Level is the most fitting?
- ALow Enforcement
- BMedium Enforcement
- CHigh Enforcement
- DNone (Visibility)
Correct Answer:
C
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjapqGLiYXvAhUwQxUIHRn2BHYQFjALegQILxAD&url=https%
3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F1001%2F1%2Fbit9- userguide.pdf&usg=AOvVaw23gKlZGFcZ4y9AKAalm9Oj
C
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjapqGLiYXvAhUwQxUIHRn2BHYQFjALegQILxAD&url=https%
3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F1001%2F1%2Fbit9- userguide.pdf&usg=AOvVaw23gKlZGFcZ4y9AKAalm9Oj
send
light_mode
delete
Question #17
What does the Aggressive setting do when configured in Local Scan Settings?
- AIt adds a temporary reputation.
- BIt scans all files on execution.
- CIt scans new files on first execution.
- DIt enables signature updates for the scanner.
Correct Answer:
C
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Endpoint-Standard-How-To-Configure-Local-AV-Scan/ta-p/89051
C
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Endpoint-Standard-How-To-Configure-Local-AV-Scan/ta-p/89051
send
light_mode
delete
Question #18
Review the following search:
childproc_name:`rundll32.exe` AND -digsig_result:`Signed` AND path:c:\windows\*
What is this search looking for?
childproc_name:`rundll32.exe` AND -digsig_result:`Signed` AND path:c:\windows\*
What is this search looking for?
- AProcesses being launched by rundll32.exe running out of the windows directory that are not signed
- BInstances of rundll32.exe running out of the windows directory that are not signed
- CInstances of rundll32.exe running out of the windows directory that are signed
- DProcesses launching rundll32.exe running out of the windows directory that are not signed
Correct Answer:
A
Reference:
https://www.carbonblack.com/blog/hunting-the-white-rabbit-detecting-metasploit-meterpreter-using-carbon-black/
A
Reference:
https://www.carbonblack.com/blog/hunting-the-white-rabbit-detecting-metasploit-meterpreter-using-carbon-black/
send
light_mode
delete
Question #19
Which reputation is processed with the lowest priority for Endpoint Standard?
send
light_mode
delete
Question #20
Which statement is true about Carbon Black Live Response (CBLR)?
- ACBLR sessions do not need to wait for the next sensor check-in.
- BCBLR is disabled by default.
- CCBLR is only available on Windows Endpoints.
- DCBLR cannot be accessed through the API.
Correct Answer:
B
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Cb-Response-Go-Live-Button-is-Grayed-Out/ta-p/41205
B
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Cb-Response-Go-Live-Button-is-Grayed-Out/ta-p/41205
send
light_mode
delete
All Pages