VMware 5V0-93.22 Practice Test - Questions Answers, Page 4

An organization has the following requirements for allowing application.exe:

For example, on one user's machine, the path is C:\Users\Lorie\Temp\Allowed\application.exe.

Which path meets this criteria using wildcards?

The use of leading wildcards in a query is not recommended unless absolutely necessary because they carry a significant performance penalty for the search.

What is an example of a leading wildcard?

Where can a user identify whether a sensor's signature pack is out-of-date in VMware Carbon Black Cloud?

A security administrator is tasked to investigate an alert about a suspicious running process trying to modify a system registry.

Which components can be checked to further inspect the cause of the alert?

An administrator wants to be notified when particular Tactics, Techniques, or Procedures (TTPs) are observed on a managed endpoint.

Which notification option must the administrator configure to receive this notification?

An administrator needs to configure a policy for macOS and Linux Sensors, not enabling settings which are only applicable to Windows.

Which three settings are only applicable to Sensors on the Windows operating system? (Choose three.)

An administrator has configured a terminate rule to prevent an application from running. The administrator wants to confirm that the new rule would have prevented a previous execution that had been observed.

Which feature should the administrator leverage for this purpose?

What is a security benefit of VMware Carbon Black Cloud Endpoint Standard?

A recent application has been blocked using hash ban, which is an indicator that some users attempted an unexpected activity. Even though the activity was blocked, the security administrator wants to further investigate the attempt in VMware Carbon Black Cloud Endpoint Standard.

Which page should the administrator navigate to for a graphical view of the event?