VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 171–180 of 200

Q171

You are configuring user roles in VMware Carbon Black. What happens when you grant Administrator privileges?

  • A Can view all user activities
  • B Can modify detection policies
  • C Can only manage devices
  • D Can delete all accounts
Explanation Administrator privileges allow modification of detection policies, while others are limited aspects of user roles.
Q172

Which service in VMware Carbon Black Cloud specializes in threat detection and response integration?

  • A Endpoint Threat Detection
  • B Cloud Management
  • C User Behavior Analysis
  • D Compliance Management
Explanation Endpoint Threat Detection is focused on real-time threat assessment, while the other options do not specifically prioritize threat detection.
Q173

A company needs to ensure that all endpoints are monitored for suspicious activity. Which setting should they enable?

  • A Lightweight Monitoring
  • B Investigative Monitoring
  • C Continuous Monitoring
  • D Scheduled Scanning
Explanation Continuous Monitoring provides real-time insights into suspicious activities; the others do not offer ongoing surveillance.
Q174

You are configuring response actions in VMware Carbon Black Cloud. What happens when you set a response action to 'Quarantine'?

  • A File is deleted immediately
  • B File is isolated from the system
  • C Incident is automatically resolved
  • D User permissions are revoked
Explanation Quarantine isolates the file without deleting it, while the other options have different implications that do not apply.
Q175

Which service in VMware Carbon Black Cloud is primarily used for real-time threat detection?

  • A Prevention and Response
  • B Device Control
  • C Search and Investigate
  • D Application Control
Explanation Prevention and Response actively analyzes threats in real-time, while the others focus on different aspects of endpoint management.
Q176

You are configuring policies in VMware Carbon Black Cloud. What does setting a 'Block' policy do?

  • A Prevents all file executions
  • B Allows all traffic through
  • C Logs activity without actions
  • D Quarantines suspicious files
Explanation A 'Block' policy implements preventive measures against file executions, unlike other options that either permit actions or log events without intervention.
Q177

A company needs to investigate a potential breach. What happens when a host is in 'Monitor' mode in VMware Carbon Black Cloud?

  • A All files are blocked
  • B Only logging occurs
  • C Threats are actively quarantined
  • D Prevention features are disabled
Explanation In 'Monitor' mode, only activity is logged while allowing operations, contrasting with other options that enable blocking or disable protection altogether.
Q178

Which service provides continuous endpoint monitoring in VMware Carbon Black Cloud?

  • A Endpoint Detection and Response
  • B Network Security
  • C User Behavior Analytics
  • D Threat Intelligence
Explanation Endpoint Detection and Response offers continuous monitoring while the others do not focus directly on endpoints.
Q179

A company needs to enforce application control. Which feature should they utilize in VMware Carbon Black Cloud?

  • A Policy Management
  • B Behavioral Monitoring
  • C Log Retention
  • D Malware Analysis
Explanation Policy Management allows organizations to enforce application control while the others do not specifically apply to this need.
Q180

What happens when a custom sensor is configured incorrectly in VMware Carbon Black Cloud?

  • A It activates without issues
  • B It alerts the administrator immediately
  • C Data collection fails or is inaccurate
  • D No impact on other configurations
Explanation An incorrect custom sensor configuration will impact data accuracy or collection, while others imply operational status that won’t happen.