An administrator is reviewing how event data is categorized and identified in VMware Carbon Black Cloud.Which method is used?
Which scenario would qualify for the "Local White" Reputation?
An organization is seeing a new malicious process that has not been seen before.Which tool can be used to block this process?
An administrator needs to make sure all files are scanned locally upon execution.Which setting is necessary to complete this task?
An organization has found application.exe running on some machines in their Workstations policy. Application.exe has a SUSPECT_MALWARE reputation and runs from C:\Program Files\IT\Tools. The Workstations policy has the following rules which could apply:Blocking and Isolation Rule -Application on the company banned list > Runs or is running > DenyKnown malware > Runs or is running > DenySuspect malware > Runs or is running > TerminatePermissions Rule -C:\Program Files\IT\Tools\* > Performs any operation > BypassWhich action, if any, should an administrator take to ensure application.exe cannot run?
An administrator is tasked to create a reputation override for a company-critical application based on the highest available priority in the reputation list. The company-critical application is already known by VMware Carbon Black.Which method of reputation override must the administrator use?
