VMware Carbon Black Portfolio Skills - 5V0-91.20 Exam Practice Test

Question 1

There is a need to ignore all activity at an application path.
Which rule definition should be used to address this need?

A. Application at Path, Runs or is Running, Allow & Log

B. Application at Path, Performs any operation, Bypass

C. Application at Path, Runs or is Running, Bypass

D. Application at Path, Performs any operation, Allow & Log

Correct Answer: B

Question 2

Given the following query:
SELECT hostname, cpu_type, cpu_brand, cpu_physical_cores, cpu_logical_cores, cpu_microcode, (1.0 * physical_memory / (1000*1000*1000)) AS physical_mem_gb, hardware_vendor, hardware_model, hardware_version, hardware_serial FROM system_info; Which statement Is correct?

A. This query customizes the results returned by the system.

B. This query is missing a filter option.

C. This query shows data from the physical_mem_gb column.

D. This query combines data from several different tables.

Correct Answer: B

Question 3

While an administrator is reviewing an alert, the device is observed beaconing to an unknown destination.
Which action should be taken to stop this behavior?

A. Deregister the sensor

B. Assign the application to the Approved List

C. Place the device in Quarantine

D. Put the device in Bypass mode

Correct Answer: D

Question 4

Refer to the exhibit:

Which two logic statements correctly explain filtering within the UI? (Choose two.)

A. Filtering between fields is a logical AND

B. Filtering between fields is a logical OR

C. Filtering within the same field is a logical OR

D. Filtering between fields is a logical XOR

E. Filtering within the same field is a logical AND

Correct Answer: B,D

Question 5

How can an analyst disregard alerts on multiple devices with the least amount of administrative effort?

A. Select the "Dismiss on all devices" option.

B. Turn off the Group Alerts option.

C. Search by hash and dismiss.

D. Make a note in the Notes/Tags option.

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 6

After an emergency, what does the Restore computer button do on the App Control Home page?

A. Move all computers to High Enforcement level

B. Move all computers to Low Enforcement level

C. Move all computers to Medium Enforcement level

D. Move all computers to the original Enforcement level

Correct Answer: D

Question 7

Which Live Query statement is properly constructed?

A. select from users;

B. select * from *:

C. SELECT * FROM users;

D. SELECT * FROM 'users'

Correct Answer: C

VMware Carbon Black Portfolio Skills - 5V0-91.20 Exam Practice Test

Latest Update

Useful Links

Contact Us