VMware 5V0-93.22 Practice Test - Questions Answers, Page 6

An organization has found application.exe running on some machines in their Workstations policy. Application.exe has a SUSPECT_MALWARE reputation and runs from C:\Program Files\IT\Tools. The Workstations policy has the following rules which could apply:

Blocking and Isolation Rule

Permissions Rule

Which action, if any, should an administrator take to ensure application.exe cannot run?

An administrator is tasked to create a reputation override for a company-critical application based on the highest available priority in the reputation list. The company-critical application is already known by VMware Carbon Black.

Which method of reputation override must the administrator use?

An administrator has configured a permission rule with the following options selected:

Application at path: C:\Program Files\**

Operation Attempt: Performs any operation

Action: Bypass

What is the impact, if any, of using the wildcards in the path?

What is a security benefit of VMware Carbon Black Cloud Endpoint Standard?

An administrator notices that a sensor's local AV signatures are out-of-date.

What effect does this have on newly discovered files?

In which tab of the VMware Carbon Black Cloud interface can sensor status details be found?

An administrator wants to block ransomware in the organization based on leadership's growing concern about ransomware attacks in their industry.

What is the most effective way to meet this goal?

Which port does the VMware Carbon Black sensor use to communicate to VMware Carbon Black Cloud?

A security administrator is tasked to enable Live Response on all endpoints in a specific policy.

What is the correct path to configure the required sensor policy setting?