1 / 11

VMware Carbon Black Portfolio Skills 5V0-91.20 Real Questions

PassQuestion VMware Carbon Black Portfolio Skills 5V0-91.20 Real Questions will help you prepare well for your coming exam with confidence.

examquestionsonline
Download Presentation

VMware Carbon Black Portfolio Skills 5V0-91.20 Real Questions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 5V0-91.20 Training Questions VMware Carbon Black Portfolio Skills https://www.passquestion.com/5V0-91.20.html

  2. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 1 An administrator wants to query the status of the firewall for all endpoints. The An administrator wants to query the status of the firewall for all endpoints. The administrator will query the registry key found here HKEY_LOCAL_MACHINE\SYSTE registry key found here HKEY_LOCAL_MACHINE\SYSTE M\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy M\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy \StandardProfile. To make the results easier to understand, the administrator wants to return either To make the results easier to understand, the administrator wants to return either enabled or disabled for the results, rather than the value from the registry key. enabled or disabled for the results, rather than the value from the registry key. Which SQL statement will rewrite the output based on a specific result set returned Which SQL statement will rewrite the output based on a specific result set returned from the system? from the system? A. CASE A. CASE B. AS B. AS C. ALTER C. ALTER D. SELECT D. SELECT Answer: A Answer: A administrator will query the \StandardProfile.

  3. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 2 An administrator runs multiple queries on tables and combines the results after the fact to correlate data. The An administrator runs multiple queries on tables and combines the results after the fact to correlate data. The administrator needs to combine rows from multiple tables based on data from a related column in each table. administrator needs to combine rows from multiple tables based on data from a related column in each table. Which SQL statement should be used to achieve this goal? Which SQL statement should be used to achieve this goal? A. JOIN A. JOIN B. WHERE B. WHERE C. AS C. AS D. COMBINE D. COMBINE Answer: A Answer: A

  4. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 3 An administrator wants to allow files to run from a network share. An administrator wants to allow files to run from a network share. Which rule type should the administrator configure? Which rule type should the administrator configure? A. Execute Prompt (Shared Path) A. Execute Prompt (Shared Path) B. Trusted Path B. Trusted Path C. Network Execute (Allow) C. Network Execute (Allow) D. Write Approve (Network) D. Write Approve (Network) Answer: A Answer: A

  5. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 4 What are the three available methods in VMware Carbon Black App Control by What are the three available methods in VMware Carbon Black App Control by which an endpoint (agent) can be assigned to a specific policy? (Choose three.) which an endpoint (agent) can be assigned to a specific policy? (Choose three.) A. By pushing the designated GPO script A. By pushing the designated GPO script B. Via DASCLI command B. Via DASCLI command C. By installing the agent via SCCM C. By installing the agent via SCCM D. Manual policy assignment D. Manual policy assignment E. By branded/policy-specific installer E. By branded/policy-specific installer F. By Active Directory Mapping F. By Active Directory Mapping Answer: C,D,F Answer: C,D,F

  6. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 5 Which Live Query statement is properly constructed? Which Live Query statement is properly constructed? A. SELECT A. SELECT * * FROM 'users' FROM 'users' B. select B. select * * from from * *: : C. select from users; C. select from users; D. SELECT D. SELECT * * FROM users; FROM users; Answer: D Answer: D

  7. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 6 An administrator has configured a policy to run a standard background scan. An administrator has configured a policy to run a standard background scan. How long does this one-time scan take to complete on endpoints assigned to that policy? How long does this one-time scan take to complete on endpoints assigned to that policy? A. 180 days A. 180 days B. 30 days B. 30 days C. 3-5 days C. 3-5 days D. 1 day D. 1 day Answer: B Answer: B

  8. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 7 An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it. An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it. Which three actions are available to take on the alert? (Choose three.) Which three actions are available to take on the alert? (Choose three.) A. Ignore alert A. Ignore alert B. Dismiss B. Dismiss C. Dismiss on all devices if grouping is enabled C. Dismiss on all devices if grouping is enabled D. Edit watchlist D. Edit watchlist E. Save report E. Save report F. Notifications history F. Notifications history Answer: B,C,E Answer: B,C,E

  9. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 8 Review this EDR query: Review this EDR query: childproc_name:whoami.exe AND childproc_name:hostname.exe AND childproc_name:whoami.exe AND childproc_name:hostname.exe AND childproc_name:tasklist.exe AND childproc_name:ipconfig.exe childproc_name:tasklist.exe AND childproc_name:ipconfig.exe Which process would show in the query results? Which process would show in the query results? A. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe A. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe B. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe B. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe C. Any process invoking whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe C. Any process invoking whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe D. Any process invoking whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe D. Any process invoking whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe Answer: D Answer: D

  10. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 9 An administrator is searching for any child processes of email clients with this query in Carbon Black An administrator is searching for any child processes of email clients with this query in Carbon Black Enterprise EDR: Enterprise EDR: parent_name:outlook.exe OR parent_name:thunderbird.exe OR parent_name:outlook.exe OR parent_name:thunderbird.exe OR parent_name:eudora.exe parent_name:eudora.exe The administrator would like to modify this query to only show child processes that do not have a known The administrator would like to modify this query to only show child processes that do not have a known reputation in the Carbon Black Cloud. reputation in the Carbon Black Cloud. Which search field can be added to the query to show the desired results? Which search field can be added to the query to show the desired results? A. process_integrity_level A. process_integrity_level B. process_reputation B. process_reputation C. process_privileges C. process_privileges D. process_cloud_reputation D. process_cloud_reputation Answer: B Answer: B

  11. Practice PassQuestion 5V0-91.20 Training Questions ensure your 100% success Question 10 An analyst is reviewing an alert in Enterprise EDR from a custom watchlist. The analyst disagrees with the An analyst is reviewing an alert in Enterprise EDR from a custom watchlist. The analyst disagrees with the alert severity rating. alert severity rating. How can the analyst change the alert severity value, if this is possible? How can the analyst change the alert severity value, if this is possible? A. The alert severity is assigned by the backend analytics. A. The alert severity is assigned by the backend analytics. B. The alert severity is not configurable. B. The alert severity is not configurable. C. Change the alert severity on the watchlist. C. Change the alert severity on the watchlist. D. Change the alert severity on the report. D. Change the alert severity on the report. Answer: C Answer: C

More Related