Create Next App

Exam contains 52 questions

Page 7 of 9

Question 37 🔥

An analyst on the security team noticed that several alerts are false positives within Enterprise EDR. The analyst disables the IOC within the report from those alerts.Which statement correctly explains what disabling the IOC will accomplish?

Which database solution meets these requirements?

A. That specific IOC in the report will no longer generate hits or alerts on the device from the alert.

Highly voted

B. The report will no longer generate hits or alerts on the device from the alert.

Highly voted

C. That specific IOC in the report will no longer generate hits or alerts.

Highly voted

D. The report will no longer generate hits or alerts.

Highly voted

Discussion of the question

Question 38 🔥

Which identifier is shared by all events when an alert is investigated?

Which database solution meets these requirements?

A. Process ID

Highly voted

B. Event ID

Highly voted

C. Priority Score

Highly voted

D. Alert ID

Highly voted

Discussion of the question

Question 39 🔥

An Enterprise EDR administrator wants to use Watchlists curated by VMware Carbon Black and other threat intelligence specialists.How should the administrator add these curated Watchlists from the Watchlists page?

Which database solution meets these requirements?

A. Click Add Watchlists, and input the URL(s) for the desired Watchlists.

Highly voted

B. Click Take Action, select Edit, and select the desired Watchlists.

Highly voted

C. Click Take Action, and select Subscribe for the desired Watchlists.

Highly voted

D. Click Add Watchlists, on the Subscribe tab select the desired Watchlists, and click Subscribe.

Highly voted

Discussion of the question

Question 40 🔥

An incorrectly constructed watchlist generates 10,000 incorrect alerts.How should an administrator resolve this issue?

Which database solution meets these requirements?

A. Delete the watchlist to automatically clear the alerts, and then create a new watchlist with the correct criteria.

Highly voted

B. From the Triage Alerts Page, use the facets to select the watchlist, click the Wrench button to ג€Mark all as Resolved False Positiveג€, and then update the watchlist with the correct criteria.

Highly voted

C. Update the Triage Alerts Page to show 200 alerts, click the Select All Checkbox, click the ג€Dismiss Alert(s)ג€ button for each page, and then update the watchlist with the correct criteria.

Highly voted

D. From the Watchlists Page, select the offending watchlist, click ג€Clear Alertsג€ from the Action menu, and then update the watchlist with the correct criteria.

Highly voted

Discussion of the question

Question 41 🔥

Which list below captures all Enforcement Levels for App Control policies?

Which database solution meets these requirements?

A. Critical, Lockdown, Monitored, Tracking, Banning

Highly voted

B. High Enforcement, Medium Enforcement, Low Enforcement

Highly voted

C. High Enforcement, Medium Enforcement, Low Enforcement, None (Visibility), None (Disabled)

Highly voted

D. Control, Local Approval, Disabled

Highly voted

Discussion of the question

Question 42 🔥

A company uses Audit and Remediation to check configurations and adhere to compliance regulations. The regulations require monthly reporting and twelve months of data retained.How can an administrator accomplish this requirement with Audit and Remediation?

Which database solution meets these requirements?

A. Schedule the query to run monthly, and set the data retention to 12 months for the query.

Highly voted

B. Schedule the query to run monthly, and configure the audit log retention to 12 months.

Highly voted

C. Schedule the query to run monthly, and no further action is required.

Highly voted

D. Schedule the query to run monthly, and export the results for each run to an external location.

Highly voted

Discussion of the question

Ready to Pass Your Certification Test

vmware 5V0_9120

Exam contains 52 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us