• Home
  • Articles
  • Latest 2022 Realistic Verified 5V0-91.20 Dumps - 100% Free 5V0-91.20 Exam Dumps [Q57-Q76]

Latest 2022 Realistic Verified 5V0-91.20 Dumps - 100% Free 5V0-91.20 Exam Dumps [Q57-Q76]

Share

Latest 2022 Realistic Verified 5V0-91.20 Dumps - 100% Free 5V0-91.20 Exam Dumps

Get 2022 Updated Free VMware 5V0-91.20 Exam Questions and Answer

NEW QUESTION 57
Refer to the exhibit:

Which two logic statements correctly explain filtering within the UI? (Choose two.)

  • A. Filtering between fields is a logical OR
  • B. Filtering between fields is a logical XOR
  • C. Filtering within the same field is a logical OR
  • D. Filtering between fields is a logical AND
  • E. Filtering within the same field is a logical AND

Answer: A,B

 

NEW QUESTION 58
Refer to the exhibit:

Which two statements are true about Carbon Black Live Response (CBLR)? (Choose two.)

  • A. A CBLR session already exists.
  • B. A CBLR session is established.
  • C. CBLR is disabled.
  • D. CBLR is enabled.
  • E. A CBLR session is not attached.

Answer: A,E

 

NEW QUESTION 59
An administrator has updated a Threat Intelligence Report by turning it into a watchlist and needs to disable (Ignore) the old Threat Intelligence Report.
Where in the UI is this action not possible to perform?

  • A. Triage Alerts Page
  • B. Threat Report Page
  • C. Threat Intelligence Feeds Page
  • D. Search Threat Reports Page

Answer: C

 

NEW QUESTION 60
How often do watchlists run?

  • A. Watchlists can be configured to run at scheduled intervals
  • B. Every 30 minutes
  • C. Every 10 minutes
  • D. Every 5 minutes

Answer: A

 

NEW QUESTION 61
Level 3 service desk personnel have been approved to modify computer enforcement levels by security governance.
Which set of steps is required to implement this change?

  • A. Create new user role, map AD group to role, assign permission "Temporary assign computers" to role.
  • B. Assign permission "Temporary assign computers" to each user.
  • C. Create new user role, assign permission "Manage computers" to role.
  • D. Create new user role, map AD group to role, assign permission "Manage computers" to role.

Answer: B

 

NEW QUESTION 62
An Endpoint Standard administrator is working with an IT team to explicitly permit specific applications from the environment using both the IT Tools and Certs Approved List features.
Once applied, which reputation would these applications be classified under for processing?

  • A. Trusted White
  • B. Local White
  • C. Company White
  • D. Common White

Answer: A

 

NEW QUESTION 63
An incorrectly constructed watchlist generates 10,000 incorrect alerts.
How should an administrator resolve this issue?

  • A. Update the Triage Alerts Page to show 200 alerts, click the Select All Checkbox, click the "Dismiss Alert(s)" button for each page, and then update the watchlist with the correct criteria.
  • B. From the Watchlists Page, select the offending watchlist, click "Clear Alerts" from the Action menu, and then update the watchlist with the correct criteria.
  • C. Delete the watchlist to automatically clear the alerts, and then create a new watchlist with the correct criteria.
  • D. From the Triage Alerts Page, use the facets to select the watchlist, click the Wrench button to "Mark all as Resolved False Positive", and then update the watchlist with the correct criteria.

Answer: D

 

NEW QUESTION 64
A Carbon Black administrator received an alert for an untrusted hash executing in the environment.
Which two information items are found in the alert pane? (Choose two.)

  • A. Launch process analysis
  • B. Launch Live Query
  • C. User quarantine
  • D. IOC short name
  • E. Add hash to banned list

Answer: A,B

 

NEW QUESTION 65
The security operations group is complaining that they are getting multiple App Control alerts for specific malicious files after they have banned the file.
Which step is necessary to prevent future alerts on these files?

  • A. Edit the Malicious File Detected Alert. Select the criteria: Ignore already banned files.
  • B. Set the Alert Status to Disabled.
  • C. Disable the Reminder Mail.
  • D. Edit the Malicious File Detected Alert. Select the criteria: Ignore already banned files and Ignore already approved files.

Answer: C

 

NEW QUESTION 66
Which strategy is used to create an exclusion in Endpoint Standard for another AV/security product?

  • A. Permission Rule
  • B. Isolation Rule
  • C. Approved List
  • D. Bypass Mode

Answer: C

 

NEW QUESTION 67
Which wildcard configuration applies a policy to all files and subfolders in a specific folder in Endpoint Standard?

  • A. C:\Program Files\example\$$
  • B. C:\Program Files\example\$
  • C. C:\Program Files\example\*
  • D. C:\Program Files\example\**

Answer: D

 

NEW QUESTION 68
This search is entered into the process search page: notepad.exe
Which three statements about this query are true? (Choose three.)

  • A. The search will fail with an error.
  • B. Since a field name is not selected, query performance will be impacted.
  • C. Only processes named notepad.exe will be returned.
  • D. Processes with registry modifications containing notepad.exe would be retuned.
  • E. All processes containing the text notepad.exe in any default field.
  • F. A field identifier is required for all criteria within a process search.

Answer: B,D,E

 

NEW QUESTION 69
An administrator wants to query the status of the firewall for all endpoints. The administrator will query the registry key found here HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
\StandardProfile.
To make the results easier to understand, the administrator wants to return either enabled or disabled for the results, rather than the value from the registry key.
Which SQL statement will rewrite the output based on a specific result set returned from the system?

  • A. CASE
  • B. AS
  • C. SELECT
  • D. ALTER

Answer: A

 

NEW QUESTION 70
An analyst has investigated multiple alerts on a number of HR workstations and found that java.exe is attempting to PowerShell. Of the Windows workstations in question, the analyst has also found that Java is installed in multiple locations. The analyst needs to block java.exe from this type of operation.
Which rule meets this need?

  • A. **/java.exe -> Invokes an untrusted process -> Terminate process
  • B. **/Program Files/*/java.exe-> Invokes an untrusted process -> Deny operation
  • C. **\Program Files\*\java.exe -> Invokes a command interpreter -> Terminate process
  • D. **\java.exe -> Invokes a command interpreter -> Deny operation

Answer: C

 

NEW QUESTION 71
A Carbon Black Cloud Endpoint Standard analyst is testing different search operator combinations.
Which two queries produce the same result? (Choose two.)

  • A. process_name:chrome.exe netconn_domain:google.com
  • B. process_narne:chrome.exe NOT netconn_domain:google.com
  • C. process_name:chrome.exe OR NOT netconn_domain:google.com
  • D. process_name:chrome.exe OR netconn_domain:google.com
  • E. process_name:chrome.exe AND NOT netconn_domain:google.com

Answer: B,C

 

NEW QUESTION 72
An administrator needs to manage a group of sensors from within the console.
Which three actions are available for sensors within the Sensor Group? (Choose three.)

  • A. Uninstall
  • B. Disable
  • C. Restart
  • D. Ban
  • E. Move to group
  • F. Share Settings

Answer: A,C,E

 

NEW QUESTION 73
A company uses Audit and Remediation to check configurations and adhere to compliance regulations. The regulations require monthly reporting and twelve months of data retained.
How can an administrator accomplish this requirement with Audit and Remediation?

  • A. Schedule the query to run monthly, and set the data retention to 12 months for the query.
  • B. Schedule the query to run monthly, and configure the audit log retention to 12 months.
  • C. Schedule the query to run monthly, and export the results for each run to an external location.
  • D. Schedule the query to run monthly, and no further action is required.

Answer: C

 

NEW QUESTION 74
An authorized administrator plans to remove the App Control agent from a computer.
Which Enforcement Level must a computer be in before the agent can be uninstalled?

  • A. Any Enforcement Level
  • B. Visibility
  • C. None (Disabled)
  • D. Low Enforcement

Answer: A

 

NEW QUESTION 75
An Endpoint Standard administrator finds a binary in the environment and decides to manually add the file hash to the Banned List.
Which reputation does the file now have?

  • A. Known Malware
  • B. Suspect/Heuristic Malware
  • C. Adware/PUP Malware
  • D. Company Black

Answer: B

 

NEW QUESTION 76
......


VMware 5V0-91.20: VMware Carbon Black Portfolio Skills Certification Path

5V0-91.20 practice test is included in the training of the Certification Base Standard. As such, this course has no preconditions. Anyone who is interested in VmWare technology and comfortable with it is welcome to seek this credential. The VMware Carbon Black EndPoint Security 2021 5V0-91.20 credentials have higher job efficiency and pay. The 5V0-91.20 exam is considered to be one of the most relevant qualifications in the IT sector. You must first pass the 5V0-91.20 Carbon Black Portfolio Skills test before moving on to the VMware Carbon Black EndPoint Security 2021 5V0-91.20.Candidates favor costly methods of scheduling the study 5V0-91.20. They are planning on-line exams for VMware Carbon Black EndPoint Security 2021 5V0-91.20. They might be well on their way, but their darkened face at the end shows their fear of the final VMware Carbon Black Portfolio 5V0-91.20 test. The question, why fear the final test of VMware Carbon Black EndPoint Security 2021 5V0-91.20 even if you spend too much money? The response is that one of the most important VMware Carbon Black EndPoint Security 2021 5V0-91.20 exam preparation phases is missing from the 5V0-91.20 review process. VMware Carbon Black EndPoint Security 2021 5V0-91.20 The VMware Carbon Black Portfolio Skills 5V0-91.20 is the perfect location for training and evaluation at first. Dumps clears all the confusion over the final test 5V0-91.20 and confides your skepticism. VMware Carbon Black EndPoint Security 2021 5V0-91.20 exam dumps is the only trustworthy name which provides real upgraded 2021 5V0-91,20 Carbon Black EndPoint Security exam dumps. The real 5V0-91.20 test questions of VMware Carbon Black Portfolio would enable you to prepare and pass VMware Carbon Black EndPoint Security 2021 5V0-91.20 research. Never neglect this crucial preparing period for VMware's Carbon Black Portfolio 5V0-91.20 analysis, as training without 5V0-91.20 exam dumps is inadequate.

 

5V0-91.20 Dumps PDF and Test Engine Exam Questions: https://pass4sure.updatedumps.com/VMware/5V0-91.20-updated-exam-dumps.html

Related Articles

more
VMware 5V0-91.20 Certification Practice Exam