VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 1–10 of 200

Q1

Which service does VMware Carbon Black Cloud use for threat detection?

  • A Behavioral Analysis
  • B Static Analysis
  • C Manual Review
  • D User Feedback
Explanation Behavioral Analysis is used for real-time threat detection; other options do not provide instant detection.
Q2

You are configuring application control policies in Carbon Black Cloud. What is the primary benefit of using whitelisting?

  • A Blocks all applications automatically
  • B Reduces false positives
  • C Simplifies incident response process
  • D Allows unverified apps to run
Explanation Whitelisting reduces false positives by only allowing approved applications; other options are incorrect regarding whitelisting's function.
Q3

A company needs to respond to an incident in Carbon Black Cloud; which feature should they primarily utilize for investigation?

  • A Cloud Entitlements
  • B Threat Graph
  • C Live Query
  • D Endpoint Isolation
Explanation Live Query allows real-time data investigation; the other features do not provide immediate investigative capabilities.
Q4

Which service provides real-time incident response capabilities?

  • A VMware Carbon Black Cloud
  • B VMware vSphere
  • C VMware NSX
  • D VMware Horizon
Explanation VMware Carbon Black Cloud is specifically designed for real-time incident response, while the others focus on virtualization and network security.
Q5

A company needs to block access to a specific website. What is the best approach using VMware Carbon Black?

  • A Create a technical support ticket
  • B Set up a policy to block URLs
  • C Enable network traffic analysis
  • D Install a firewall appliance
Explanation Setting up a policy in Carbon Black specifically allows blocking of URLs effectively, unlike the others.
Q6

What happens when an endpoint fails a security check in Carbon Black?

  • A Nothing occurs; checks are periodic
  • B Endpoint is isolated automatically
  • C Alert triggered for investigation
  • D Endpoint is deleted from network
Explanation An alert is triggered for investigation when a security check fails, while isolation and deletion are not standard actions without human intervention.
Q7

Which service provides endpoint detection and response in VMware Carbon Black Cloud?

  • A Threat Detection
  • B Cloud Compliance
  • C Incident Response
  • D Computer Management
Explanation Threat Detection service identifies advanced threats; others serve different purposes.
Q8

A company needs to ensure that users receive alerts for unauthorized software installations. What should they implement?

  • A Policy Management
  • B Threat Hunting
  • C Application Control
  • D User Activity Monitoring
Explanation Application Control prevents unauthorized software; others do not enforce installation policies.
Q9

You are configuring an alert for suspicious file modifications. What happens when this alert triggers?

  • A Automated file restoration occurs
  • B Analysis of the event starts
  • C Notifications are sent to IT admins
  • D User access is immediately revoked
Explanation Notifications inform admins of issues; relevant analysis follows, but auto-restoration or revocation doesn't happen.
Q10

Which service within VMware Carbon Black Cloud focuses on endpoint detection and response?

  • A Advanced Threat Detection
  • B Threat Intelligence
  • C Endpoint Detection and Response
  • D Behavioral Analysis
Explanation Endpoint Detection and Response is specifically designed for detecting and responding to threats on endpoints, while others focus on different aspects of security.