VMware

Carbon Black Cloud Technical Specialist

250-602

Get certified with the 250-602 exam focusing on Carbon Black Cloud solutions.

200 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 81–90 of 200

Q81

What happens when you configure a custom rule with high severity in Carbon Black Cloud?

  • A It will notify all users.
  • B It becomes an alert only.
  • C It triggers immediate remediation actions.
  • D It suspends the affected processes.
Explanation High severity rules are designed to invoke immediate response, whereas other options suggest less urgent measures.
Q82

Which service provides advanced endpoint protection in VMware Carbon Black Cloud?

  • A Endpoint Detection and Response
  • B Network Function Virtualization
  • C Identity Manager
  • D vSphere Management
Explanation Endpoint Detection and Response is designed for advanced endpoint protection, while the others do not focus on endpoint security.
Q83

A company needs to investigate a malware infection. What should they analyze first using Carbon Black Cloud?

  • A User credentials
  • B Threat intelligence feeds
  • C Audit logs
  • D Malware alerts
Explanation Malware alerts provide direct indications of infection, whereas the others are less immediate for investigation.
Q84

You are configuring application control policies in VMware Carbon Black Cloud. What happens when a policy is enforced?

  • A All applications can run unrestricted
  • B Only whitelisted applications are allowed
  • C All applications are blocked by default
  • D Applications are scanned but not blocked
Explanation Enforcing a policy means only whitelisted applications are allowed; the others do not correctly describe policy enforcement behavior.
Q85

Which service provides endpoint detection and response in VMware Carbon Black Cloud?

  • A Endpoint Standard
  • B Cloud Management
  • C Network Insight
  • D Threat Intelligence
Explanation Endpoint Standard offers advanced EDR capabilities, while other options serve different purposes.
Q86

A company needs to protect its endpoints from ransomware; what feature should you implement?

  • A Blocking untrusted files
  • B Vulnerability assessment
  • C Filesystem integrity monitoring
  • D Incident response automation
Explanation Blocking untrusted files prevents ransomware from executing, while the others assist differently.
Q87

What happens when a detected malicious file is quarantined?

  • A It is permanently deleted.
  • B It is moved for review.
  • C It remains active.
  • D User can access it again.
Explanation Quarantining a file moves it for further analysis, as opposed to deleting it immediately.
Q88

Which service evaluates the security posture of an endpoint?

  • A Endpoint Detection and Response
  • B Vulnerability Assessment
  • C Incident Response
  • D Network Monitoring
Explanation Vulnerability Assessment evaluates security posture; others do not focus on assessment.
Q89

A company needs to analyze file tampering. Which feature should they use?

  • A Threat Intelligence
  • B File Integrity Monitoring
  • C Anti-Malware Scanning
  • D Device Control
Explanation File Integrity Monitoring tracks file changes; others focus on detection or control.
Q90

What happens when an endpoint goes offline in Carbon Black Cloud?

  • A It stops protecting the endpoint.
  • B It continues logging offline events.
  • C All policies are cleared.
  • D No updates apply until it reconnects.
Explanation No updates apply until it reconnects, but protection remains active; other options are incorrect.