VMware 5V0-91.20 VMware Carbon Black Portfolio Skills Online Training
VMware 5V0-91.20 Online Training
The questions for 5V0-91.20 were last updated at Dec 20,2024.
- Exam Code: 5V0-91.20
- Exam Name: VMware Carbon Black Portfolio Skills
- Certification Provider: VMware
- Latest update: Dec 20,2024
An administrator wants to query the status of the firewall for all endpoints. The administrator will query the registry key found here HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParameter sFirewallPolicy
StandardProfile.
To make the results easier to understand, the administrator wants to return either enabled or disabled for the results, rather than the value from the registry key.
Which SQL statement will rewrite the output based on a specific result set returned from the system?
- A . CASE
- B . AS
- C . ALTER
- D . SELECT
An analyst navigates to the alerts page in Endpoint Standard and sees the following:
What does the yellow color represent on the left side of the row?
- A . It is an alert from a watchlist rather than the analytics engine.
- B . It is a threat alert and warrants immediate investigation.
- C . It is an observed alert and may indicate suspicious behavior.
- D . It is a dismissed alert within the user interface.
An Enterprise EDR administrator sees the process in the graphic on the Investigate page but does not see an alert for this process:
How can the administrator generate an alert for future hits against this watchlist?
- A . select the watchlist on the watchlists page, select the Scheduled Task Created report, and use Take Action to select Alert on hit for the report.
- B . Select the watchlist on the watchlists page, select the Scheduled Task Created report, and use Take Action to toggle Alert on hit to On.
- C . Select the watchlist on the watchlists page and click on Alerts: Off to toggle the alerts to On.
- D . Select the watchlist on the watchlists page, use Take Action to select Edit, and select Alert on hit.
An administrator runs multiple queries on tables and combines the results after the fact to correlate data. The administrator needs to combine rows from multiple tables based on data from a related column in each table.
Which SQL statement should be used to achieve this goal?
- A . JOIN
- B . WHERE
- C . AS
- D . COMBINE
An administrator wants to allow files to run from a network share.
Which rule type should the administrator configure?
- A . Execute Prompt (Shared Path)
- B . Trusted Path
- C . Network Execute (Allow)
- D . Write Approve (Network)
What are the three available methods in VMware Carbon Black App Control by which an endpoint (agent) can be assigned to a specific policy? (Choose three.)
- A . By pushing the designated GPO script
- B . Via DASCLI command
- C . By installing the agent via SCCM
- D . Manual policy assignment
- E . By branded/policy-specific installer
- F . By Active Directory Mapping
Which Live Query statement is properly constructed?
- A . SELECT * FROM ‘users’
- B . select * from *:
- C . select from users;
- D . SELECT * FROM users;
An administrator has configured a policy to run a standard background scan.
How long does this one-time scan take to complete on endpoints assigned to that policy?
- A . 180 days
- B . 30 days
- C . 3-5 days
- D . 1 day
An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it.
Which three actions are available to take on the alert? (Choose three.)
- A . Ignore alert
- B . Dismiss
- C . Dismiss on all devices if grouping is enabled
- D . Edit watchlist
- E . Save report
- F . Notifications history
Review this EDR query:
childproc_name:whoami.exe AND childproc_name:hostname.exe AND childproc_name:tasklist.exe AND childproc_name:ipconfig.exe
Which process would show in the query results?
- A . Any process invoked by whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe
- B . Any process invoked by whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe
- C . Any process invoking whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe
- D . Any process invoking whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe