App Control System Health email alerts for excessive agent backlog are occurring hourly.
This is overwhelming the analysts, and they would like to reduce the notifications.
How can the analyst reduce the unneeded alerts?
A. Set the email address for subscribers to an invalid email.
B. Change reminder email to daily or disabled.
C. Disable the alert.
D. Delete the alert.
How long will Live Queries in Carbon Black Audit and Remediation run before timing out?
A. 30 days
B. 14 days
C. 180 days
D. 7 days
Which reputation is processed with the lowest priority for Endpoint Standard?
A. Local White
B. Known Malware
C. Trusted White
D. Common White
Which value should an administrator use when reviewing an alert to determine the file reputation at the time the event occurred?
A. Cloud Reputation (Initial)
B. Effective Reputation
C. Local Reputation
D. Cloud Reputation (Current)
An analyst is reviewing an alert in Enterprise EDR from a custom watchlist. The analyst disagrees with the alert severity rating.
How can the analyst change the alert severity value, if this is possible?
A. The alert severity is assigned by the backend analytics.
B. The alert severity is not configurable.
C. Change the alert severity on the watchlist.
D. Change the alert severity on the report.
An administrator is searching for any child processes of email clients with this query in Carbon Black Enterprise EDR:
parent_name:outlook.exe OR parent_name:thunderbird.exe OR parent_name:eudora.exe The administrator would like to modify this query to only show child processes that do not have a known reputation in the Carbon Black Cloud.
Which search field can be added to the query to show the desired results?
A. process_integrity_level
B. process_reputation
C. process_privileges
D. process_cloud_reputation
An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it. Which three actions are available to take on the alert? (Choose three.)
A. Ignore alert
B. Dismiss
C. Dismiss on all devices if grouping is enabled
D. Edit watchlist
E. Save report
F. Notifications history
Review this EDR query:
childproc_name:whoami.exe AND childproc_name:hostname.exe AND childproc_name:tasklist.exe AND childproc_name:ipconfig.exe
Which process would show in the query results?
A. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe
B. Any process invoked by whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe
C. Any process invoking whoami.exe, hostname.exe, tasklist.exe, or ipconfig.exe
D. Any process invoking whoami.exe, hostname.exe, tasklist.exe, and ipconfig.exe
What are the three available methods in VMware Carbon Black App Control by which an endpoint (agent) can be assigned to a specific policy? (Choose three.)
A. By pushing the designated GPO script
B. Via DASCLI command
C. By installing the agent via SCCM
D. Manual policy assignment
E. By branded/policy-specific installer
F. By Active Directory Mapping
Which Live Query statement is properly constructed?
A. SELECT * FROM 'users'
B. select * from *:
C. select from users;
D. SELECT * FROM users;
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only VMware exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 5V0-91.20 exam preparations and VMware certification application, do not hesitate to visit our Vcedump.com to find your solutions here.