VMware 5V0-93.22 Exam Questions

Question 6 of 60

An administrator wants to block an application by its path instead of reputation. The following steps have already been taken:
Go to Enforce > Policies > Select the desired policy >
Which additional steps must be taken to complete the task?

A.

Click Enforce > Add application path name

B.

Scroll down to the Permissions section > Click Add application path > Enter the path of the desired application

C.

Scroll down to the Blocking and Isolation section > Click Edit (pencil icon) for the desired Reputation

D.

Scroll down to the Blocking and Isolation section > Click Add application path > Enter the path of the desired application

Question 7 of 60

An administrator is investigating an alert and reads a summary that says:
The application powershell.exe was leveraged to make a potentially malicious network connection.
Which action should the administrator take immediately to block that connection?

A.

Click Delete Application

B.

Click Quarantine Asset

C.

Click Export Alert

D.

Click Drop Connection

Question 8 of 60

Which command is used to immediately terminate a current Live Response session?

A.

kill

B.

detach -q

C.

delete

D.

execfg

Question 9 of 60

A user downloaded and executed malware on a system. The malware is actively exfiltrating data.
Which immediate action is recommended to prevent further exfiltration?

A.

Check Security Advisories and Threat Research contents.

B.

Place the device in quarantine.

C.

Run a background scan.

D.

Request upload of the file for analysis.

Question 10 of 60

What are the highest and lowest file reputation priorities, respectively, in VMware Carbon Black Cloud?

A.

Priority 1: Ignore, Priority 11: Unknown

B.

Priority 1: Unknown, Priority 11: Ignore

C.

Priority 1: Known Malware, Priority 11: Common White

D.

Priority 1: Company Allowed, Priority 11: Not Listed/Adaptive White