972 お客様のコメント
質問 1:
An administrator ran the following query.
SELECT name, VERSION, install_location, install_source, publisher, install_date, uninstall_string FROM programs WHERE publisher = "Microsoft Corporation"; The administrator notices a lot of installed programs are not returned.
How can the administrator alter the query to see all results?
A. Change the WHERE clause to = "*"
B. Edit the WHERE clause to remove the quotes
C. Remove the WHERE clause
D. Replace the = with LIKE
正解:B
質問 2:
An active compromise is detected on an endpoint. Due to current policies, the compromise was detected but not terminated.
What would be an appropriate action to end the current communication between the device and the attacker?
A. Place the system into bypass mode
B. Place the system into Quarantine
C. Remotely scan the endpoint
D. Uninstall the sensor
正解:A
質問 3:
An administrator needs to manage a group of sensors from within the console.
Which three actions are available for sensors within the Sensor Group? (Choose three.)
A. Disable
B. Share Settings
C. Uninstall
D. Move to group
E. Restart
F. Ban
正解:C,D,E
質問 4:
Which statement is true about Carbon Black Live Response (CBLR)?
A. CBLR sessions do not need to wait for the next sensor check-in.
B. CBLR cannot be accessed through the API.
C. CBLR is only available on Windows Endpoints.
D. CBLR is disabled by default.
正解:D
質問 5:
Which reputation has the highest priority in Cloud Endpoint Standard?
A. Ignore
B. Unknown
C. Known Malware
D. Adware/PUP Malware
正解:C
質問 6:
Refer to the exhibit:
Which two statements are true about Carbon Black Live Response (CBLR)? (Choose two.)
A. CBLR is enabled.
B. A CBLR session is established.
C. A CBLR session is not attached.
D. A CBLR session already exists.
E. CBLR is disabled.
正解:C,D
質問 7:
Which actions are available for Permissions?
A. Approve, Upload, No Upload
B. Performs any Operation, Runs or is running
C. Deny Operation, Terminate Process
D. Allow, Allow & Log, Bypass
正解:D
質問 8:
How can an analyst disregard alerts on multiple devices with the least amount of administrative effort?
A. Search by hash and dismiss.
B. Turn off the Group Alerts option.
C. Select the "Dismiss on all devices" option.
D. Make a note in the Notes/Tags option.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
An administrator ran the following query.
SELECT name, VERSION, install_location, install_source, publisher, install_date, uninstall_string FROM programs WHERE publisher = "Microsoft Corporation"; The administrator notices a lot of installed programs are not returned.
How can the administrator alter the query to see all results?
A. Change the WHERE clause to = "*"
B. Edit the WHERE clause to remove the quotes
C. Remove the WHERE clause
D. Replace the = with LIKE
正解:B
質問 2:
An active compromise is detected on an endpoint. Due to current policies, the compromise was detected but not terminated.
What would be an appropriate action to end the current communication between the device and the attacker?
A. Place the system into bypass mode
B. Place the system into Quarantine
C. Remotely scan the endpoint
D. Uninstall the sensor
正解:A
質問 3:
An administrator needs to manage a group of sensors from within the console.
Which three actions are available for sensors within the Sensor Group? (Choose three.)
A. Disable
B. Share Settings
C. Uninstall
D. Move to group
E. Restart
F. Ban
正解:C,D,E
質問 4:
Which statement is true about Carbon Black Live Response (CBLR)?
A. CBLR sessions do not need to wait for the next sensor check-in.
B. CBLR cannot be accessed through the API.
C. CBLR is only available on Windows Endpoints.
D. CBLR is disabled by default.
正解:D
質問 5:
Which reputation has the highest priority in Cloud Endpoint Standard?
A. Ignore
B. Unknown
C. Known Malware
D. Adware/PUP Malware
正解:C
質問 6:
Refer to the exhibit:
Which two statements are true about Carbon Black Live Response (CBLR)? (Choose two.)
A. CBLR is enabled.
B. A CBLR session is established.
C. A CBLR session is not attached.
D. A CBLR session already exists.
E. CBLR is disabled.
正解:C,D
質問 7:
Which actions are available for Permissions?
A. Approve, Upload, No Upload
B. Performs any Operation, Runs or is running
C. Deny Operation, Terminate Process
D. Allow, Allow & Log, Bypass
正解:D
質問 8:
How can an analyst disregard alerts on multiple devices with the least amount of administrative effort?
A. Search by hash and dismiss.
B. Turn off the Group Alerts option.
C. Select the "Dismiss on all devices" option.
D. Make a note in the Notes/Tags option.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
岛田** -
本格的な5V0-91.20問題も掲載されてるし、索引も充実!