Question 6 of 56
A Carbon Black administrator received an alert for an untrusted hash executing in the environment.
Which two information items are found in the alert pane? (Choose two.)
Which two information items are found in the alert pane? (Choose two.)
Correct Answer: A, B
Question 7 of 56
An administrator observes the following event detail in the Investigate tab for an application with an unknown reputation making network connections:
Upon further review of the event details returned, the reputation is observed as NOT_LISTED, and the applied (cloud) reputation is UNKNOWN.
Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED?
Upon further review of the event details returned, the reputation is observed as NOT_LISTED, and the applied (cloud) reputation is UNKNOWN.
Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED?
Correct Answer: C
Question 8 of 56
In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues or removing the agent? (Choose two.)
Correct Answer: A, C
Question 9 of 56
Which Sensor Status under Endpoint Health indicates that a system's policy enforcement is disabled, and the sensor is not sending security event data to the cloud?
Correct Answer: D
Question 10 of 56
An Enterprise EDR administrator has created a custom Watchiist and wants to add a custom query to a report in the custom Watchiist.
From which page can the administrator add this custom query?
From which page can the administrator add this custom query?
Correct Answer: C