VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–150 of 200

Q141

What happens when a device monitored by Carbon Black is powered off?

  • A It stops sending data
  • B It continues scanning local files
  • C It updates policies automatically
  • D It erases all logs
Explanation Powering off the device halts data transmission, while the other options are inaccurate functionalities of the system.
Q142

Which service in VMware Carbon Black provides real-time threat intelligence?

  • A Threat Intelligence Service
  • B Endpoint Detection Service
  • C Data Loss Prevention
  • D Security Automation Service
Explanation Threat Intelligence Service offers ongoing threat updates; others focus on endpoint detection, data protection, or automation without real-time intelligence.
Q143

A company needs to reduce false positives in alerts. Which feature should they enable in Carbon Black?

  • A Enhanced Security Policies
  • B Behavioral Analytics
  • C Whitelist Management
  • D Heuristic Analysis
Explanation Behavioral Analytics help minimize false positives; the other options do not specifically target false alert reduction.
Q144

What happens when a user runs an unsanctioned application on a monitored endpoint?

  • A Application is instantly blocked
  • B User receives a warning
  • C No action is taken
  • D Application logs are generated
Explanation Monitored endpoints automatically block unsanctioned applications, whereas the other options don't represent default behavior.
Q145

Which service facilitates threat intelligence sharing in VMware Carbon Black Cloud?

  • A Threat Intelligence Exchange
  • B Endpoint Security Management
  • C Remediation Service
  • D Compliance Monitoring
Explanation Threat Intelligence Exchange enhances threat visibility; others do not specialize in intelligence sharing.
Q146

A company needs to protect sensitive data in cloud applications. What feature of VMware Carbon Black Cloud can help?

  • A Network Isolation
  • B Data Loss Prevention
  • C User Behavior Analytics
  • D Threat Hunting
Explanation Data Loss Prevention focuses on safeguarding sensitive data; other features do not directly address data protection.
Q147

You are configuring a policy that includes advanced detections. What happens when a malicious file is detected on an endpoint?

  • A File is deleted automatically.
  • B User receives an alert only.
  • C Containment actions may trigger.
  • D No action will occur.
Explanation Containment actions are part of advanced detection responses; other options either do not reflect application behavior or misrepresent it.
Q148

Which service in VMware Carbon Black Cloud provides automated endpoint detection and response capabilities?

  • A EPP (Endpoint Protection Platform)
  • B EDR (Endpoint Detection and Response)
  • C CB Defense
  • D Threat Intelligence
Explanation EDR specializes in identifying and responding to threats, unlike EPP which focuses on prevention.
Q149

A company needs to investigate a series of suspicious files detected on their endpoints. What is the most effective way to start this investigation using VMware Carbon Black Cloud?

  • A Check network traffic logs
  • B Use incident response plans
  • C Analyze alerts in the console
  • D Consult with IT support
Explanation Analyzing alerts in the console provides detailed insights into suspicious files detected by the platform.
Q150

You are configuring policy settings in VMware Carbon Black Cloud. What happens when you set a file integrity monitoring policy to 'monitor only'?

  • A Files are blocked immediately
  • B Only changes are logged
  • C Responses are triggered automatically
  • D No monitoring occurs
Explanation 'Monitor only' allows detection of changes without taking action against them, unlike blocking or triggering responses.