ExamGecko
Search Search Login
Home Home / VMware / 5V0-93.22
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken: Go to Enforce > Policies > Select the desired policy > Which additional steps must be taken to complete the task?
A user downloaded and executed malware on a system. The malware is actively exfiltrating data. Which immediate action is recommended to prevent further exfiltration?
A security administrator is tasked to investigate an alert about a suspicious running process trying to modify a system registry. Which components can be checked to further inspect the cause of the alert?
Where can a user identify whether a sensor's signature pack is out-of-date in VMware Carbon Black Cloud?
Is it possible to search for unsigned files in the console?
An administrator has determined that the following rule was the cause for an unexpected block: [Suspected malware] [Invokes a command interpreter] [Terminate process] All reputations for the process which was blocked show SUSPECT_MALWARE. Which reputation was used by the sensor for the decision to terminate the process?
The use of leading wildcards in a query is not recommended unless absolutely necessary because they carry a significant performance penalty for the search. What is an example of a leading wildcard?
What are the highest and lowest file reputation priorities, respectively, in VMware Carbon Black Cloud?
An administrator wants to prevent ransomware that has not been seen before, without blocking other processes. Which rule should be used?
An administrator needs to add an application to the Approved List in the VMware Carbon Black Cloud console. Which two different methods may be used for this purpose? (Choose two.)

Question 5 - 5V0-93.22 discussion

Report
Export

An administrator wants to prevent a spreadsheet from being misused to run malicious code, while minimizing the risk of breaking normal operations of a spreadsheet.

Which rule should be used?

A.
**\Microsoft Office\** [Runs external code] [Terminate process]
Answers
A.
**\Microsoft Office\** [Runs external code] [Terminate process]
B.
**\excel.exe [Invokes a command interpreter] [Deny operation]
Answers
B.
**\excel.exe [Invokes a command interpreter] [Deny operation]
C.
**/Microsoft Excel.app/** [Communicates over the network] [Terminate process]
Answers
C.
**/Microsoft Excel.app/** [Communicates over the network] [Terminate process]
D.
**\excel.exe [Runs malware] [Deny operation]
Answers
D.
**\excel.exe [Runs malware] [Deny operation]
Suggested answer: B
Show Answer
asked 16/09/2024
Alejandro Ramirez Cuesta
37 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms