VMware 5V0-91.20 - VMware Carbon Black Portfolio Skills Exam
Page: 1 / 12
Total 56 questions
Question #1 (Topic: Topic 1)
An administrator is troubleshooting App Control agent issues. When navigating to the Computer Details page, the administrator sees the following:
[VMware-5V0-91.20-1.0/xmlfile-2_1.jpg]
What is the status of the WINDOWS-CLIENT agent?
[VMware-5V0-91.20-1.0/xmlfile-2_1.jpg]
What is the status of the WINDOWS-CLIENT agent?
A. Connected and Up to date
B. Disconnected and Up to date
C. Connected but unsupported
D. Connected but health check failed
Answer: B
Question #2 (Topic: Topic 1)
There is a need to ignore all activity at an application path.
Which rule definition should be used to address this need?
Which rule definition should be used to address this need?
A. Application at Path, Performs any operation, Bypass
B. Application at Path, Runs or is Running, Bypass
C. Application at Path, Runs or is Running, Allow & Log
D. Application at Path, Performs any operation, Allow & Log
Answer: A
Question #3 (Topic: Topic 1)
An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it.
Which three actions are available to take on the alert? (Choose three.)
Which three actions are available to take on the alert? (Choose three.)
A. Ignore alert
B. Dismiss
C. Dismiss on all devices if grouping is enabled
D. Edit watchlist
E. Save report
F. Notifications history
Answer: BCE
Question #4 (Topic: Topic 1)
An administrator needs to manage a group of sensors from within the console.
Which three actions are available for sensors within the Sensor Group? (Choose three.)
Which three actions are available for sensors within the Sensor Group? (Choose three.)
A. Move to group
B. Disable
C. Restart
D. Ban
E. Uninstall
F. Share Settings
Answer: ACE
Question #5 (Topic: Topic 1)
An analyst has investigated two alerts on two separate HR workstations and found that notepad.exe has established communication to another IP address.
Which rule will kill notepad.exe entirely if this activity is detected in the future?
Which rule will kill notepad.exe entirely if this activity is detected in the future?
A. **\system32\notepad.exe --> Communicates over the network --> Terminate process
B. **\system32\notepad.exe --> Runs or is Running --> Deny operation
C. **/system32/notepad.exe --> Runs or is Running --> Terminate process
D. **/system32/notepad.exe--> Communicates over the network --> Deny operation
Answer: C
