VMware

Carbon Black Endpoint Detection and Response Technical Specialist

250-601

Validate your skills in endpoint detection with the 250-601 exam.


Questions 151–160 of 195

Q151

Which service is primarily responsible for real-time threat monitoring in VMware Carbon Black EDR?

  • A Threat Analysis Service
  • B Endpoint Detection Service
  • C Response Management Service
  • D Incident Response Service
Explanation: The Threat Analysis Service provides real-time monitoring, while others focus on response or management.

Q152

A company needs to implement automated containment for a potential malware infection. Which feature in Carbon Black should they use?

  • A Blocklisting
  • B Sensor Rules
  • C Threat Intelligence
  • D Live Response
Explanation: Live Response allows immediate containment actions on endpoints, unlike other features.

Q153

You are configuring alerts in Carbon Black. What happens when you set a severity level to 'Critical'?

  • A No alerts will trigger.
  • B Only low-severity alerts are shown.
  • C High-priority alerts generate notifications.
  • D Alerts are ignored by the system.
Explanation: Setting 'Critical' indicates high-priority, actionable alerts that generate notifications.

Q154

Which service in VMware Carbon Black is primarily responsible for real-time monitoring of endpoints?

  • A Response
  • B Threat Intelligence
  • C Incident Management
  • D Remediation
Explanation: Response provides continuous monitoring, while others focus on analysis or support.

Q155

You are configuring a Carbon Black Cloud sensor that must report back to the management console every 5 minutes. What setting should you adjust?

  • A Heartbeat Interval
  • B Data Retention
  • C Connection Timeout
  • D Agent Registration
Explanation: The heartbeat interval determines how often the sensor communicates with the console.

Q156

A company needs to quickly identify potential malicious behavior across all endpoints. Which feature would be most beneficial?

  • A Ransomware Protection
  • B Behavioral EDR
  • C Managed Defenses
  • D Container Security
Explanation: Behavioral EDR analyzes actions and flags anomalies, unlike the others, which serve different purposes.

Q157

Which service does VMware Carbon Black utilize for real-time threat detection?

  • A Behavioral analysis engine
  • B Network intrusion detection
  • C Static analysis scanning
  • D Virtual machine isolation
Explanation: The behavioral analysis engine identifies threats in real time through observed actions, while the others do not primarily perform real-time analysis.

Q158

A security analyst notices unusual login attempts from multiple IPs. What should they investigate first?

  • A User activity log
  • B DNS records
  • C Malware signatures
  • D File integrity monitoring
Explanation: The user activity log can reveal underlying authentication practices and help identify potential account compromise before investigating other log sources.

Q159

You are configuring policies in VMware Carbon Black. What should be done to ensure the Data Retention Policy is compliant with regulations?

  • A Set retention to 12 months
  • B Use default settings blindly
  • C Review compliance requirements first
  • D Keep data indefinitely
Explanation: Always review compliance requirements first to tailor the retention period appropriately; the others are less informed choices that could lead to non-compliance.

Q160

Which service in VMware Carbon Black focuses on detecting and responding to endpoint threats?

  • A Endpoint Detection and Response
  • B Cloud Security Services
  • C Infrastructure Management
  • D Network Security Monitoring
Explanation: Endpoint Detection and Response specifically targets endpoint threats, while the others serve different security aspects.