What are the highest and lowest file reputation priorities, respectively, in VMware Carbon Black Cloud?
What are the highest and lowest file reputation priorities, respectively, in VMware Carbon Black Cloud?A . Priority 1: Ignore, Priority 11: UnknownB . Priority 1: Unknown, Priority 11: IgnoreC . Priority 1: Known Malware, Priority 11: Common WhiteD . Priority 1: Company Allowed, Priority 11: Not Listed/Adaptive WhiteView AnswerAnswer: C
Which VMware Carbon Black Cloud integration is supported for SIEM?
Which VMware Carbon Black Cloud integration is supported for SIEM?A . SolarWindsB . LogRhythmC . Splunk AppD . DatadogView AnswerAnswer: C
How can the administrator obtain this information?
An administrator wants to find information about real-world prevention rules that can be used in VMware Carbon Black Cloud Endpoint Standard. How can the administrator obtain this information?A . Refer to an external report from other security vendors to obtain solutions.B . Refer to the TAU-TIN's on the VMware Carbon...
Which immediate action is recommended to prevent further exfiltration?
A user downloaded and executed malware on a system. The malware is actively exfiltrating data. Which immediate action is recommended to prevent further exfiltration?A . Check Security Advisories and Threat Research contents.B . Place the device in quarantine.C . Run a background scan.D . Request upload of the file for...
Which additional steps must be taken to complete the task?
An administrator wants to block an application by its path instead of reputation. The following steps have already been taken: Go to Enforce > Policies > Select the desired policy > Which additional steps must be taken to complete the task?A . Click Enforce > Add application path nameB ....
Which command is used to immediately terminate a current Live Response session?
Which command is used to immediately terminate a current Live Response session?A . killB . detach -qC . deleteD . execfgView AnswerAnswer: B
What connectivity is required for VMware Carbon Black Cloud Endpoint Standard to perform Sensor Certificate Validation?
What connectivity is required for VMware Carbon Black Cloud Endpoint Standard to perform Sensor Certificate Validation?A . TCP/443 to GoDaddy OCSP and CRL URLs (crl.godaddy.com and ocsp.godaddy.com)B . TCP/80 to GoDaddy OCSP and CRL URLs (crl.godaddy.com and ocsp.godaddy.com)C . TCP/443 to GoDaddy CRL URL (crl.godaddy.com and ocsp.godaddy.com)D . TCP/80 to...
Which three IDs may be used for this purpose?
An administrator needs to use an ID to search and investigate security incidents in Carbon Black Cloud. Which three IDs may be used for this purpose? (Choose three.)A . ThreatB . HashC . SensorD . EventE . UserF . AlertView AnswerAnswer: B, C, D
Which item needs to be enabled in order to enforce this requirement?
An administrator has been tasked with preventing the use of unauthorized USB storage devices from being used in the environment. Which item needs to be enabled in order to enforce this requirement?A . Enable the Block access to all unapproved USB devices within the policies option.B . Choose to disable...
How should this task be completed?
An administrator needs to create a search, but it must exclude "system.exe". How should this task be completed?A . #process_name:system.exeB . *process_name:system.exeC . <process_name:system.exe>D . -process_name:system.exeView AnswerAnswer: D