New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

5V0-93.22 Exam Dumps - VMware Carbon Black Cloud Endpoint Standard Skills

Go to page:
Question # 9

What is a security benefit of VMware Carbon Black Cloud Endpoint Standard?

A.

A flexible query scheduler that can be used to gather information about the environment

B.

Visibility into the entire attack chain and customizable threat intelligence that can be used to gain insight into problems

C.

Customizable threat feeds that plug into a single agent and single console

D.

Policy rules that can be tested by selecting test rule next to the desired operation attempt

Full Access
Question # 10

An administrator needs to find all events on the Investigate page where the process is svchost.exe, and the path is not the standard path of C:\Windows\System32.

Which advanced search will yield these results?

A.

process_name:svchost.exe EXCLUDE process_name:C\:\\Windows\\System32

B.

process_name:svchost.exe AND NOT process_name:C:\Windows\System32

C.

process_name:svchost.exe AND NOT process_name:C\:\\Windows\\System32

D.

process_name:svchost.exe EXCLUDE process_name:C:\Windows\System32

Full Access
Question # 11

An administrator wants to prevent ransomware that has not been seen before, without blocking other processes.

Which rule should be used?

A.

[Adware or PUP] [Scrapes memory of another process] [Deny operation]

B.

[Not listed application] [Performs ransomware-like behavior] [Terminate process

C.

[Unknown malware] [Runs or is running] [Terminate process]

D.

[Not listed application] [Runs or is running] [Terminate process]

Full Access
Question # 12

Which permission level is required when a user wants to install a sensor on a Windows endpoint?

A.

Everyone

B.

Administrator

C.

Root

D.

User

Full Access
Question # 13

An administrator is reviewing how event data is categorized and identified in VMware Carbon Black Cloud.

Which method is used?

A.

By Unique Process ID

B.

By Process Name

C.

By Unique Event ID

D.

By Event Name

Full Access
Question # 14

Where can a user identify whether a sensor's signature pack is out-of-date in VMware Carbon Black Cloud?

A.

Enforce > Investigate > Sensors > Details

B.

Enforce > Inventory > Endpoints > Policy

C.

Inventory > Endpoints > Sensor Update Status

D.

Inventory > Endpoints > Device Name

Full Access
Question # 15

An administrator needs to fully analyze the relevant information of an event stored in the VMware Carbon Black Cloud.

On which page can this information be found?

A.

Enforce

B.

Investigate

C.

Live Query

D.

Inventory

Full Access
Question # 16

An administrator has determined that the following rule was the cause for an unexpected block:

[Suspected malware] [Invokes a command interpreter] [Terminate process]

All reputations for the process which was blocked show SUSPECT_MALWARE.

Which reputation was used by the sensor for the decision to terminate the process?

A.

Initial Cloud reputation

B.

Actioned reputation

C.

Current Cloud reputation

D.

Effective reputation

Full Access
Go to page: