VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 111–120 of 200

Q111

You are configuring sensor settings in VMware Carbon Black Cloud. What should you be cautious about when changing default values?

  • A Removing all monitoring settings
  • B Exposure to zero-day attacks
  • C Increased disk space usage
  • D Compatibility with other software
Explanation Changing default settings without care can increase vulnerability to zero-day attacks, unlike the other options which are less critical concerns.
Q112

Which service of VMware Carbon Black Cloud provides real-time endpoint detection?

  • A Endpoint Detection and Response
  • B Cloud Security Posture
  • C Network Traffic Analysis
  • D User Behavior Analytics
Explanation Endpoint Detection and Response identifies and addresses threats in real-time; others do not focus specifically on endpoint detection.
Q113

A company needs to restrict execution of unauthorized scripts on endpoints. Which feature should be configured?

  • A File Integrity Monitoring
  • B Application Control
  • C Threat Intelligence
  • D Vulnerability Management
Explanation Application Control specifically allows blocking unauthorized scripts while other options do not directly address script execution.
Q114

You are configuring policies for an enterprise with multiple departments. What happens when a more restrictive policy is applied to a department?

  • A It overrides all other policies.
  • B It's ignored if a broader policy exists.
  • C It combines with other policies.
  • D It triggers alerts for violations.
Explanation A more restrictive policy will take precedence and override broader policies; other options misrepresent policy handling.
Q115

Which service in VMware Carbon Black Cloud focuses on endpoint detection and response?

  • A Endpoint Standard
  • B Cloud Workload Protection
  • C Threat Intelligence
  • D Policy Management
Explanation Endpoint Standard is specifically designed for endpoint detection and response; others focus on different aspects of security.
Q116

A company needs to ensure that their Windows endpoints respond to identified threats immediately. What type of response policy should they implement?

  • A Containment only
  • B Full remediation
  • C Manual review
  • D Quarantine
Explanation Full remediation addresses threats immediately; containment alone may not remove threats.
Q117

What happens when a user disables the protection policy on an endpoint?

  • A Endpoint remains protected
  • B Endpoint gets unmonitored
  • C Endpoint incurs vulnerability
  • D Endpoint pauses the services
Explanation Disabling the policy leaves the endpoint vulnerable; the other options incorrectly suggest the endpoint remains secured.
Q118

Which service in VMware Carbon Black Cloud is primarily used for endpoint detection and response?

  • A EDR Service
  • B CSP Service
  • C Threat Intelligence
  • D Content Delivery
Explanation The EDR Service is designed for comprehensive endpoint detection and response, unlike the other options which serve different purposes.
Q119

A company needs to respond to a detected threat. What action should be prioritized first?

  • A Implement a firewall rule
  • B Isolate the affected device
  • C Contact law enforcement
  • D Update all security policies
Explanation Isolating the affected device is crucial to prevent further intrusion before taking additional actions.
Q120

You are configuring policies in Carbon Black Cloud. What happens when you set a policy to 'Monitor' instead of 'Block'?

  • A Threats are automatically removed
  • B Threats are recorded but not stopped
  • C All activities are allowed
  • D Alerts are disabled during scanning
Explanation 'Monitor' allows detection and logging of threats without blocking their execution, contrasting with 'Block' which prohibits it.