1. Home
  2. VMware
  3. 5V0-91.20

VMware Carbon Black Portfolio Skills

Exam Details

  • Exam Code
    :5V0-91.20
  • Exam Name
    :VMware Carbon Black Portfolio Skills
  • Certification
    :VMware Certifications
  • Vendor
    :VMware
  • Total Questions
    :116 Q&As
  • Last Updated
    :Mar 27, 2025

VMware VMware Certifications 5V0-91.20 Questions & Answers

  • Question 71:

    Refer to the exhibit:

    Which statement is true in regards to communication between the sensor and server?

    A. The sensor must be able to resolve the name cb.yourcompany.com.

    B. The server must have an entry in the host file for cb.yourcompany.com.

    C. The communication is unencrypted.

    D. The sensor will communicate on a non-default port.

  • Question 72:

    An administrator is troubleshooting App Control agent issues. When navigating to the Computer Details page, the administrator sees the following: What is the status of the WINDOWS-CLIENT agent?

    A. Connected and Up to date

    B. Disconnected and Up to date

    C. Connected but unsupported

    D. Connected but health check failed

  • Question 73:

    An administrator ran the following query.

    SELECT name, VERSION, install_location, install_source, publisher, install_date, uninstall_string FROM

    programs WHERE publisher = "Microsoft Corporation";

    The administrator notices a lot of installed programs are not returned.

    How can the administrator alter the query to see all results?

    A. Edit the WHERE clause to remove the quotes

    B. Remove the WHERE clause

    C. Replace the = with LIKE

    D. Change the WHERE clause to = "*"

  • Question 74:

    Management has directed that the SOC team be enabled to create global file bans via the App Control API.

    How would this be configured in the App Control Console?

    A. Create a Role, map to corresponding SOC group, and add permission "Manage files" to Role.

    B. Add permission "Manage files" and create an API token for each SOC user.

    C. Create a Role, map to the corresponding SOC group, add permission "Manage files", and create API token for the Role.

    D. Create a Role, map it to the corresponding SOC group, add permission "Manage files" to Role, and create an API token for each user in group.

  • Question 75:

    An analyst is investigating an alert within Enterprise EDR. The alert is tied to an unusual process name. When navigating to the binary details page, for the binary used in the alert, the analyst sees the following:

    The analyst wants to find any instances of this process executing regardless of the process name used.

    Which two details from the binary can be used to search for the application regardless of the seen name? (Choose two.)

    A. The binary's hash

    B. The path

    C. The original filename

    D. The product version

    E. The publisher name

  • Question 76:

    An administrator uses the following Enterprise EDR search query to show web browsers spawning nonbrowser child processes that connect over the network:

    (parent_name:chrome.exe OR parent_name:iexplore.exe OR parent_name:firefox.exe) AND (NOT process_name:chrome.exe OR NOT process_name:iexplore.exe OR NOT process_name:firefox.exe)

    Which field can be added to this query to filter the results by signature status?

    A. childproc_publisher_state

    B. process_publisher

    C. childproc_reputation

    D. process_publisher_state

  • Question 77:

    An alert for a device running a proprietary application is tied to a vital business operation. Which action is appropriate to take?

    A. Add the application to the Approved List.

    B. Terminate the process.

    C. Deny the operation.

    D. Quarantine the device.

  • Question 78:

    Refer to the exhibit:

    Which two statements are true about Carbon Black Live Response (CBLR)? (Choose two.)

    A. CBLR is enabled.

    B. A CBLR session is established.

    C. CBLR is disabled.

    D. A CBLR session is not attached.

    E. A CBLR session already exists.

  • Question 79:

    What is the maximum number of binaries (hashes) that can be banned using the web console?

    A. 500

    B. 600

    C. 300

    D. 400

  • Question 80:

    Refer to the exhibit:

    Which two logic statements correctly explain filtering within the UI? (Choose two.)

    A. Filtering between fields is a logical OR

    B. Filtering within the same field is a logical AND C. Filtering between fields is a logical AND

    D. Filtering between fields is a logical XOR

    E. Filtering within the same field is a logical OR

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only VMware exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 5V0-91.20 exam preparations and VMware certification application, do not hesitate to visit our Vcedump.com to find your solutions here.