VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 181–190 of 200

Q181

Which service is specifically designed for threat intelligence in VMware Carbon Black Cloud?

  • A Threat Analysis Service
  • B Threat Intelligence Service
  • C Incident Response Service
  • D Endpoint Protection Service
Explanation The Threat Intelligence Service provides actionable insights into threat data, while others focus on response or general protection.
Q182

A company needs to quickly isolate a compromised endpoint. Which action should they take in VMware Carbon Black Cloud?

  • A Remediate the devices immediately
  • B Quarantine the endpoint
  • C Disable all network access
  • D Delete the endpoint from inventory
Explanation Quarantining allows for isolation without data loss; the other options may disrupt operations or lead to data loss.
Q183

What happens when a VMware Carbon Black Cloud sensor is unresponsive for an extended period?

  • A All endpoints are automatically quarantined
  • B Data collection stops for that endpoint
  • C Alerts are disabled globally
  • D Malicious activity goes unmonitored
Explanation When a sensor is unresponsive, it stops collecting data specifically for that endpoint, affecting visibility.
Q184

Which service does VMware Carbon Black Cloud primarily use for threat detection?

  • A Behavioral analysis engine
  • B Firewall management system
  • C Backup and recovery solution
  • D Virtualization services
Explanation The behavioral analysis engine is essential for detecting threats through monitoring activities, while the other options do not focus on threat detection.
Q185

A company needs to limit the risk of malware spreading from removable devices. What should they configure in Carbon Black Cloud?

  • A Vulnerability scans on devices
  • B Application control policies
  • C Access control lists
  • D Removable media policy
Explanation Configuring a removable media policy specifically addresses the threat from removable devices, whereas the other options focus on different security aspects.
Q186

What happens when a user's device sends a suspicious file to the Carbon Black Cloud for analysis?

  • A Immediate quarantine of the device
  • B File reviewed for behavioral indicators
  • C The device is shut down remotely
  • D User receives an alert only
Explanation The suspicious file undergoes behavioral analysis, while immediate quarantine and remote shutdown are not standard responses.
Q187

Which service allows for visibility into endpoint activity within VMware Carbon Black Cloud?

  • A Endpoint Detection and Response
  • B Network Security
  • C Cloud Health Monitoring
  • D Patch Management
Explanation Endpoint Detection and Response provides detailed endpoint visibility; others focus on different aspects of security.
Q188

A company needs to prioritize resources for incident response. Which feature assists in determining alert severity?

  • A Threat Intelligence
  • B Live Response
  • C Risk Score
  • D Task Automation
Explanation The Risk Score helps assess alert severity, while others serve different purposes.
Q189

You are configuring policy settings to restrict unauthorized applications. What happens if a user attempts to launch a blocked application?

  • A The application runs silently
  • B User receives a warning
  • C Application is denied access
  • D Nothing happens at all
Explanation The application is denied access; the other options do not align with Carbon Black's blocking behavior.
Q190

Which service in VMware Carbon Black Cloud is primarily responsible for endpoint detection and response (EDR)?

  • A CB Defense
  • B Cloud Onboarding
  • C Threat Intelligence
  • D Centrally Managed Logging
Explanation CB Defense provides EDR capabilities; other options support different functions.