PrepAway - Latest Free Exam Questions & Answers

Tag: 5V0-91.20

Which Sensor Status under Endpoint Health indicates that a system’s policy enforcement is disabled, and

Which Sensor Status under Endpoint Health indicates that a system’s policy enforcement is disabled, and the sensor is not sending security event data to the cloud? A. Quarantined B. Deregistered C. Inactive D. Bypass Reference: https://community.carbonblack.com/t5/Knowledge-Base/CB-Defense-What-Happens-When-Bypass-has-been-Enabled-on-the/ta-p/74905

In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues o

In which two ways can the tamper protection on an App Control agent be disabled when diagnosing agent issues or removing the agent? (Choose two.) A. From the Computer Details page on the web console B. From the Files on Computers page on the web console C. Run authenticated DasCLI on Windows command prompt D. […]

Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED?

An administrator observes the following event detail in the Investigate tab for an application with an unknown reputation making network connections: Upon further review of the event details returned, the reputation is observed as NOT_LISTED, and the applied (cloud) reputation is UNKNOWN. Why is the applied (cloud) reputation UNKNOWN and not NOT_LISTED? A. The sensor […]

Which rule will kill notepad.exe entirely if this activity is detected in the future?

An analyst has investigated two alerts on two separate HR workstations and found that notepad.exe has established communication to another IP address. Which rule will kill notepad.exe entirely if this activity is detected in the future? A. **\system32\notepad.exe –> Communicates over the network –> Terminate process B. **\system32\notepad.exe –> Runs or is Running –> Deny […]

Which three actions are available for sensors within the Sensor Group?

An administrator needs to manage a group of sensors from within the console. Which three actions are available for sensors within the Sensor Group? (Choose three.) A. Move to group B. Disable C. Restart D. Ban E. Uninstall F. Share Settings Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjttoeA3ILvAhU6QhUIHZaND-YQFjAAegQIARAD&url=https%3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F3020%2F1%2FCB_EDR_7.3_User_Guide.pdf&usg=AOvVaw23smt4s66MWHdv9jM2PYF- (86)

Which three actions are available to take on the alert?

An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it. Which three actions are available to take on the alert? (Choose three.) A. Ignore alert B. Dismiss C. Dismiss on all devices if grouping is enabled D. Edit watchlist E. Save report G. Notifications history Reference: https://community.carbonblack.com/t5/Knowledge-Base/Carbon-Black-Cloud-How-to-Dismiss-Alerts/ta-p/51766