PrepAway - Latest Free Exam Questions & Answers

Author: admin

Which Sensor Status under Endpoint Health indicates that a system’s policy enforcement is disabled, and

Which Sensor Status under Endpoint Health indicates that a system’s policy enforcement is disabled, and the sensor is not sending security event data to the cloud? A. Quarantined B. Deregistered C. Inactive D. Bypass Reference: https://community.carbonblack.com/t5/Knowledge-Base/CB-Defense-What-Happens-When-Bypass-has-been-Enabled-on-the/ta-p/74905

PrepAway - Latest Free Exam Questions & Answers

In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues o

In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues or removing the agent? (Choose two.) A. From the Computer Details page on the web console B. From the Files on Computers page on the web console C. Run authenticated DasCLI on Windows command prompt D. […]

Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED?

An administrator observes the following event detail in the Investigate tab for an application with an unknown reputation making network connections: Upon further review of the event details returned, the reputation is observed as NOT_LISTED, and the applied (cloud) reputation is UNKNOWN. Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED? A. The sensor […]

Which rule will kill notepad.exe entirely if this activity is detected in the future?

An analyst has investigated two alerts on two separate HR workstations and found that notepad.exe has established communication to another IP address. Which rule will kill notepad.exe entirely if this activity is detected in the future? A. **\system32\notepad.exe –> Communicates over the network –> Terminate process B. **\system32\notepad.exe –> Runs or is Running –> Deny […]

Which three actions are available for sensors within the Sensor Group?

An administrator needs to manage a group of sensors from within the console. Which three actions are available for sensors within the Sensor Group? (Choose three.) A. Move to group B. Disable C. Restart D. Ban E. Uninstall F. Share Settings Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjttoeA3ILvAhU6QhUIHZaND-YQFjAAegQIARAD&url=https%3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F3020%2F1%2FCB_EDR_7.3_User_Guide.pdf&usg=AOvVaw23smt4s66MWHdv9jM2PYF- (86)

Which three actions are available to take on the alert?

An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it. Which three actions are available to take on the alert? (Choose three.) A. Ignore alert B. Dismiss C. Dismiss on all devices if grouping is enabled D. Edit watchlist E. Save report G. Notifications history Reference: https://community.carbonblack.com/t5/Knowledge-Base/Carbon-Black-Cloud-How-to-Dismiss-Alerts/ta-p/51766

Which two statements are true about enabling deduplication and compression on an All-Flash vSAN cluster with d

Which two statements are true about enabling deduplication and compression on an All-Flash vSAN cluster with data? (Choose two.) A. On-disk format version 3.0 or later is required to support deduplication and compression. B. This can be enabled through storage policies and does not require any data migration. C. Deduplication and Compression cannot be enabled […]


Page 1 of 37212345...102030...Last »