Which permission level is required when a user wants to install a sensor on a Windows endpoint?
A security administrator is tasked to enable Live Response on all endpoints in a specific policy.
What is the correct path to configure the required sensor policy setting?
What are the highest and lowest file reputation priorities, respectively, in VMware Carbon Black Cloud?
The administrator has configured a permission rule with the following options selected:
Application at path: C:\Users\*\Downloads\**
Operation Attempt: Performs any operation
Action: Bypass
What is the impact, if any, of using the wildcards in the path for this rule?
An administrator wants to prevent a spreadsheet from being misused to run malicious code, while minimizing the risk of breaking normal operations of a spreadsheet.
Which rule should be used?
Where can a user identify whether a sensor's signature pack is out-of-date in VMware Carbon Black Cloud?
An administrator has configured a terminate rule to prevent an application from running. The administrator wants to confirm that the new rule would have prevented a previous execution that had been observed.
Which feature should the administrator leverage for this purpose?
An administrator needs to configure a policy for macOS and Linux Sensors, not enabling settings which are only applicable to Windows.
Which three settings are only applicable to Sensors on the Windows operating system? (Choose three.)
A security administrator needs to remediate a security vulnerability that may affect the sensors. The administrator decides to use a tool that can provide interaction and remote access for further investigation.
Which tool is being used by the administrator?
Which command is used to immediately terminate a current Live Response session?
The VMware Carbon Black Cloud Sensor is not able to establish connectivity to the VMware Carbon Black Cloud Content Management URL over the standard SSL port TCP/443.
Which port, if any, will be the tailback?
An administrator has dismissed a group of alerts and ticked the box for "Dismiss future instances of this alert on all devices in all policies". There is also a Notification configured to email the administrator whenever an alert of the same Severity occurs. The following day, a new alert is added to the same group of alerts.
How will this alert be handled?
An administrator would like to proactively know that something may get blocked when putting a policy rule in the environment.
How can this information be obtained?
An administrator needs to fully analyze the relevant information of an event stored in the VMware Carbon Black Cloud.
On which page can this information be found?