Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Hot Vendors

5V0-93.22 VMware Carbon Black Cloud Endpoint Standard Skills Questions and Answers

Questions 4

An administrator wants to be notified when particular Tactics, Techniques, or Procedures (TTPs) are observed on a managed endpoint.

Which notification option must the administrator configure to receive this notification?

Options:

A.

Alert that crosses a threshold with the "observed" option selected

B.

Alert that includes specific TTPs

C.

Alert for a Watchlist hit

D.

Policy action that is enforced with the "deny" opt ion selected

Buy Now
Questions 5

Which scenario would qualify for the "Local White" Reputation?

Options:

A.

The file was added as an IT took

B.

The file was signed using a trusted certificate.

C.

The hash was not on any known good or known bad lists, AND the file is signed.

D.

The hash was previously analyzed, AND it is not on any known good or bad lists.

Buy Now
Questions 6

An administrator is working in a development environment that has a policy rule applied and notices that there are too many blocks. The administrator takes action on the policy rule to troubleshoot the issue until the blocks are fixed.

Which action should the administrator take?

Options:

A.

Unenforce

B.

Disable

C.

Recall

D.

Delete

Buy Now
Questions 7

An administrator wants to prevent malicious code that has not been seen before from retrieving credentials from the Local Security Authority Subsystem Service, without causing otherwise good applications from being blocked.

Which rule should be used?

Options:

A.

[Unknown application] [Retrieves credentials] [Terminate process]

B.

[**/*.exe] [Scrapes memory of another process] [Terminate process]

C.

[**\lsass.exe] [Scrapes memory of another process] [Deny operation]

D.

[Not listed application] [Scrapes memory of another process] [Terminate process]

Buy Now
Questions 8

A security administrator needs to review the Live Response activities and commands that have been executed while performing a remediation process to the sensors.

Where can the administrator view this information in the console?

Options:

A.

Users

B.

Audit Log

C.

Notifications

D.

Inbox

Buy Now
Questions 9

An administrator notices that a sensor's local AV signatures are out-of-date.

What effect does this have on newly discovered files?

Options:

A.

The reputation is determined by cloud reputation.

B.

The sensor prompts the end user to allow or deny the file.

C.

The sensor automatically blocks the new file.

D.

The sensor is unable to block a malicious file.

Buy Now
Questions 10

An administrator has been tasked with preventing the use of unauthorized USB storage devices from being used in the environment.

Which item needs to be enabled in order to enforce this requirement?

Options:

A.

Enable the Block access to all unapproved USB devices within the policies option.

B.

Choose to disable USB device access on each endpoint from the Inventory page.

C.

Select the option to block USB devices from the Reputation page.

D.

Elect to approve only allowed USB devices from the USB Devices page.

Buy Now
Questions 11

A security administrator is tasked to enable Live Response on all endpoints in a specific policy.

What is the correct path to configure the required sensor policy setting?

Options:

A.

Enforce > Policy > Policies > Sensor

B.

Policies > Policy > Sensor > Enforce

C.

Policies > Enforce > Policy > Sensor

D.

Enforce > Policies > Policy > Sensor

Buy Now
Questions 12

A security administrator needs to remediate a security vulnerability that may affect the sensors. The administrator decides to use a tool that can provide interaction and remote access for further investigation.

Which tool is being used by the administrator?

Options:

A.

CBLauncher

B.

Live Response

C.

PowerCLI

D.

IRepCLI

Buy Now
Questions 13

In which tab of the VMware Carbon Black Cloud interface can sensor status details be found?

Options:

A.

Enforce > Policies

B.

Inventory > Sensors

C.

Inventory > Endpoints

D.

Inventory > Sensor groups

Buy Now
Questions 14

An organization has the following requirements for allowing application.exe:

5V0-93.22 Question 14Must not work for any user's D:\ drive

5V0-93.22 Question 14Must allow running only from inside of the user's Temp\Allowed directory

5V0-93.22 Question 14Must not allow running from anywhere outside of Temp\Allowed

For example, on one user's machine, the path is C:\Users\Lorie\Temp\Allowed\application.exe.

Which path meets this criteria using wildcards?

Options:

A.

C:\Users\?\Temp\Allowed\application.exe

B.

C:\Users\*\Temp\Allowed\application.exe

C.

*:\Users\**\Temp\Allowed\application.exe

D.

*:\Users\*\Temp\Allowed\application.exe

Buy Now
Questions 15

Which permission level is required when a user wants to install a sensor on a Windows endpoint?

Options:

A.

Everyone

B.

Administrator

C.

Root

D.

User

Buy Now
Questions 16

An organization is seeing a new malicious process that has not been seen before.

Which tool can be used to block this process?

Options:

A.

Policy rules

B.

Malware Removal

C.

Certificate banned list

D.

Live Response

Buy Now
Questions 17

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken:

Go to Enforce > Policies > Select the desired policy >

Which additional steps must be taken to complete the task?

Options:

A.

Click Enforce > Add application path name

B.

Scroll down to the Permissions section > Click Add application path > Enter the path of the desired application

C.

Scroll down to the Blocking and Isolation section > Click Edit (pencil icon) for the desired Reputation

D.

Scroll down to the Blocking and Isolation section > Click Add application path > Enter the path of the desired application

Buy Now
Questions 18

What is a security benefit of VMware Carbon Black Cloud Endpoint Standard?

Options:

A.

A flexible query scheduler that can be used to gather information about the environment

B.

Visibility into the entire attack chain and customizable threat intelligence that can be used to gain insight into problems

C.

Customizable threat feeds that plug into a single agent and single console

D.

Policy rules that can be tested by selecting test rule next to the desired operation attempt

Buy Now
Exam Code: 5V0-93.22
Exam Name: VMware Carbon Black Cloud Endpoint Standard Skills
Last Update: Nov 20, 2024
Questions: 60

PDF + Testing Engine

$56  $159.99

Testing Engine

$42  $119.99
buy now 5V0-93.22 testing engine

PDF (Q&A)

$35  $99.99
buy now 5V0-93.22 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 21 Nov 2024