Why would a sensor have a status of "Inactive"?

CORRECT TEXT Why would a sensor have a status of "Inactive"?A . The sensor has not checked in within the last 30 days.B . The sensor has been uninstalled from the endpoint for more than 30 days.C . The device has been put in bypass for the last 30 days.D...

April 6, 2021 No Comments READ MORE +

Which two logic statements correctly explain filtering within the UI?

Refer to the exhibit: Which two logic statements correctly explain filtering within the UI? (Choose two.)A . Filtering between fields is a logical ORB . Filtering within the same field is a logical ANDC . Filtering between fields is a logical ANDD . Filtering between fields is a logical XORE...

April 6, 2021 No Comments READ MORE +

Which two information items are found in the alert pane?

A Carbon Black administrator received an alert for an untrusted hash executing in the environment. Which two information items are found in the alert pane? (Choose two.)A . Launch Live QueryB . Launch process analysisC . User quarantineD . Add hash to banned listE . IOC short nameView AnswerAnswer: A,B

April 6, 2021 No Comments READ MORE +

Which rule type should be used to ensure that files of the same name and path, written by that process in the future, will not be blocked when they execute?

A process wrote an executable file as detailed in the following event: Which rule type should be used to ensure that files of the same name and path, written by that process in the future, will not be blocked when they execute?A . Trusted PathB . File Creation ControlC ....

April 5, 2021 No Comments READ MORE +

How long will Live Queries in Carbon Black Audit and Remediation run before timing out?

How long will Live Queries in Carbon Black Audit and Remediation run before timing out?A . 30 daysB . 14 daysC . 180 daysD . 7 daysView AnswerAnswer: D

April 5, 2021 No Comments READ MORE +

Which statement is true when searching through the EDR server UI?

Which statement is true when searching through the EDR server UI?A . The backslash is the character to escape characters.B . Whitespaces between search terms imply the OR operator.C . The percent symbol % is the character to represent a wildcard.D . The exclamation point ! is the character...

April 5, 2021 No Comments READ MORE +

Which Enforcement level is currently enacted?

When executing a program in App Control, the notification message informs the user that the file is not approved with an option to request approval. Which Enforcement level is currently enacted?A . HighB . LowC . MediumD . DefaultView AnswerAnswer: D

April 5, 2021 No Comments READ MORE +

What is the initial inventory procedure called, and how can this process be triggered?

Carbon Black App Control maintains an inventory of all interesting (executable) files on endpoints where the agent is installed. What is the initial inventory procedure called, and how can this process be triggered?A . Inventorying; enable Discovery modeB . Baselining; install the agentC . Discovery; place agent into Disabled modeD...

April 4, 2021 No Comments READ MORE +

What are the three available methods in VMware Carbon Black App Control by which an endpoint (agent) can be assigned to a specific policy? (Choose three.)

What are the three available methods in VMware Carbon Black App Control by which an endpoint (agent) can be assigned to a specific policy? (Choose three.)A . By pushing the designated GPO scriptB . Via DASCLI commandC . By installing the agent via SCCMD . Manual policy assignmentE . By...

April 4, 2021 No Comments READ MORE +

Which three statements are true from the results shown?

An Endpoint Standard analyst runs the query in the graphic below: Which three statements are true from the results shown? (Choose three.)A . The process is a PowerShell process running a script with a .ps1 extension.B . The process has a threat score greater than 4.C . The process made...

April 4, 2021 No Comments READ MORE +