Home / VMware / 5V0-93.22 / List of questions

VMware 5V0-93.22 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report

Which statement is true regarding Blocking/Isolation rules and Permission rules?

A.

Blocking & Isolation rules are overridden by Upload Rules.

B.

Permission Rules are overridden by Blocking & Isolation rules

C.

Upload Rules are overridden by Blocking & Isolation rules.

D.

Blocking & Isolation rules are overridden by Permission Rules

Show Answer Comment (1)

Suggested answer: B

asked 16/09/2024

Yan Nguyen

39 questions

Question 12

Report

The VMware Carbon Black Cloud Sensor is not able to establish connectivity to the VMware Carbon Black Cloud Content Management URL over the standard SSL port TCP/443.

Which port, if any, will be the tailback?

Become a Premium Member for full access

Unlock Premium Member

Question 13

Report

An administrator has been tasked with preventing the use of unauthorized USB storage devices from being used in the environment.

Which item needs to be enabled in order to enforce this requirement?

Become a Premium Member for full access

Unlock Premium Member

Question 14

Report

An administrator needs to create a search, but it must exclude 'system.exe'.

How should this task be completed?

Become a Premium Member for full access

Unlock Premium Member

Question 15

Report

An administrator needs to use an ID to search and investigate security incidents in Carbon Black Cloud.

Which three IDs may be used for this purpose? (Choose three.)

Become a Premium Member for full access

Unlock Premium Member

Question 16

Report

Which VMware Carbon Black Cloud integration is supported for SIEM?

Become a Premium Member for full access

Unlock Premium Member

Question 17

Report

What connectivity is required for VMware Carbon Black Cloud Endpoint Standard to perform Sensor Certificate Validation?

Become a Premium Member for full access

Unlock Premium Member

Question 18

Report

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken:

Go to Enforce > Policies > Select the desired policy >

Which additional steps must be taken to complete the task?

Become a Premium Member for full access

Unlock Premium Member

Question 19

Report

An administrator is investigating an alert and reads a summary that says:

The application powershell.exe was leveraged to make a potentially malicious network connection.

Which action should the administrator take immediately to block that connection?

Become a Premium Member for full access

Unlock Premium Member

Question 20

Report

Which command is used to immediately terminate a current Live Response session?

Become a Premium Member for full access

Unlock Premium Member

Total 60 questions

1 2 3 4 5

Next

Last

Go to page: of 6

Question 11 (1)

Which statement is true regarding Blocking/Isolation rules and Permission rules?

Question 12 (0)

The VMware Carbon Black Cloud Sensor is not able to establish connectivity to the VMware Carbon Black Cloud Content Management URL over the standard SSL port TCP/443. Which port, if any, will be th

Question 13 (0)

An administrator has been tasked with preventing the use of unauthorized USB storage devices from being used in the environment. Which item needs to be enabled in order to enforce this requirement?

Question 14 (0)

An administrator needs to create a search, but it must exclude 'system.exe'. How should this task be completed?

Question 15 (0)

An administrator needs to use an ID to search and investigate security incidents in Carbon Black Cloud. Which three IDs may be used for this purpose? (Choose three.)

Question 16 (0)

Which VMware Carbon Black Cloud integration is supported for SIEM?

Question 17 (0)

What connectivity is required for VMware Carbon Black Cloud Endpoint Standard to perform Sensor Certificate Validation?

Question 18 (0)

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken: Go to Enforce > Policies > Select the desired policy > Which

Question 19 (0)

An administrator is investigating an alert and reads a summary that says: The application powershell.exe was leveraged to make a potentially malicious network connection. Which action should the a

Question 20 (0)

Which command is used to immediately terminate a current Live Response session?

Open VPLUS File

Convert VPLUS to PDF

Related questions

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken: Go to Enforce > Policies > Select the desired policy > Which additional steps must be taken to complete the task?

Is it possible to search for unsigned files in the console?

A user downloaded and executed malware on a system. The malware is actively exfiltrating data. Which immediate action is recommended to prevent further exfiltration?

An administrator has determined that the following rule was the cause for an unexpected block: [Suspected malware] [Invokes a command interpreter] [Terminate process] All reputations for the process which was blocked show SUSPECT_MALWARE. Which reputation was used by the sensor for the decision to terminate the process?

The use of leading wildcards in a query is not recommended unless absolutely necessary because they carry a significant performance penalty for the search. What is an example of a leading wildcard?

An administrator would like to proactively know that something may get blocked when putting a policy rule in the environment. How can this information be obtained?

A security administrator is tasked to investigate an alert about a suspicious running process trying to modify a system registry. Which components can be checked to further inspect the cause of the alert?

A security administrator notices an unusual software behavior on an endpoint. The administrator immediately used the search query to collect data and start analyzing indicators to find the solution. What is a pre-requisite step in gathering specific vulnerability data to export it as a CSV file for analysis?

An administrator wants to prevent a spreadsheet from being misused to run malicious code, while minimizing the risk of breaking normal operations of a spreadsheet. Which rule should be used?

An administrator wants to prevent ransomware that has not been seen before, without blocking other processes. Which rule should be used?

Unlock Premium Member Feature for 5V0-93.22

BASIC - 1 Month

$ 3

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

PLUS - 2 Months

$ 10

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

PRO - 6 Months

$ 20

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

BASIC - 1 Month

$ 3

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

PLUS - 2 Months

$ 10

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

PRO - 6 Months

$ 20

Full latest questions

No CAPTCHA

New Updates

Export to VPLUS

Export to PDF - All questions

Team support

How to open VPLUS file?

Convert VPLUS to PDF (DOCX)