5V0-93.22 exam

A security administrator needs to review the Live Response activities and commands that have been executed while performing a remediation process to the sensors. Where can the administrator view this information in the console?A . UsersB . Audit LogC . NotificationsD . InboxView AnswerAnswer: B

An organization has the following requirements for allowing application.exe: - Must not work for any user's D: drive - Must allow running only from inside of the user's TempAllowed directory - Must not allow running from anywhere outside of TempAllowed For example, on one user's machine, the path is C:UsersLorieTempAllowedapplication.exe....

An administrator wants to find information about real-world prevention rules that can be used in VMware Carbon Black Cloud Endpoint Standard. How can the administrator obtain this information?A . Refer to an external report from other security vendors to obtain solutions.B . Refer to the TAU-TIN's on the VMware Carbon...

An administrator is working in a development environment that has a policy rule applied and notices that there are too many blocks. The administrator takes action on the policy rule to troubleshoot the issue until the blocks are fixed. Which action should the administrator take?A . UnenforceB . DisableC ....

What connectivity is required for VMware Carbon Black Cloud Endpoint Standard to perform Sensor Certificate Validation?A . TCP/443 to GoDaddy OCSP and CRL URLs (crl.godaddy.com and ocsp.godaddy.com)B . TCP/80 to GoDaddy OCSP and CRL URLs (crl.godaddy.com and ocsp.godaddy.com)C . TCP/443 to GoDaddy CRL URL (crl.godaddy.com and ocsp.godaddy.com)D . TCP/80 to...

An administrator would like to proactively know that something may get blocked when putting a policy rule in the environment. How can this information be obtained?A . Search the data using the test rule functionality. B Examine log files to see what would be impactedB . Put the rules in...

An administrator needs to create a search, but it must exclude "system.exe". How should this task be completed?A . #process_name:system.exeB . *process_name:system.exeC . <process_name:system.exe>D . -process_name:system.exeView AnswerAnswer: D

A user downloaded and executed malware on a system. The malware is actively exfiltrating data. Which immediate action is recommended to prevent further exfiltration?A . Check Security Advisories and Threat Research contents.B . Place the device in quarantine.C . Run a background scan.D . Request upload of the file for...

The administrator has configured a permission rule with the following options selected: - Application at path: C:Program Files** - Operation Attempt: Performs any operation - Action: Bypass What is the impact, if any, of using the wildcards in the application at path field?A . Executable files in the "Program Files"...

A script-based attack has been identified that inflicted damage to the corporate systems. The security administrator found out that the malware was coded into Excel VBA and would like to perform a search to further inspect the incident. Where in the VMware Carbon Black Cloud Endpoint Standard console can this...