What is a capability of VMware Carbon Black Cloud?
A. Automation via closed SOAP APIs
B. Real-time view of attackers
C. Attack chain visualization and search
D. Continuous and decentralized recording
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A security administrator notices an unusual software behavior on an endpoint. The administrator immediately used the search query to collect data and start analyzing indicators to find the solution.
What is a pre-requisite step in gathering specific vulnerability data to export it as a CSV file for analysis?
A. Search for specific malware byhash or filename.
B. Access the Audit Log content to see associated events.
C. Enable cloud analysis.
D. Perform a custom search on the Endpoint Page.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
An administrator wants to block an application by its path instead of reputation. The following steps have already been taken:
Go to Enforce > Policies > Select the desired policy >
Which additional steps must be taken to complete the task?
A. Scroll down to the Permissions section > Click Add application path > Enter the path of the desired application
B. Scroll down to the Blocking and Isolation section > Click Edit (pencil icon) for the desired Reputation
C. Click Enforce > Add application path name
D. Scroll down to the Blocking and Isolation section > Click Add application path > Enter the path of the desired application
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
An administrator wants to prevent a spreadsheet from being misused to run malicious code, while minimizing the risk of breaking normal operations of a spreadsheet.
Which rule should be used?
A. **\excel.exe [Invokes a command interpreter] [Deny operation]
B. **\Microsoft Office\** [Runs external code] [Terminate process]
C. **\excel.exe [Runs malware] [Deny operation]
D. **/Microsoft Excel.app/** [Communicates over the network] [Terminate process]
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Which statement accurately characterizes Alerts that are categorized as a "Threat" versus those categorized as
"Observed"?
A. "Threat" indicates a more likely malicious event. "Observed" are less likely to be malicious.
B. "Threat" indicates a block (Deny or Terminate) has occurred. "Observed" indicates that there is no block.
C. "Threat" indicates an ongoing attack. "Observed" indicates the attack is over and is being watched.
D. "Threat" indicates that no block (Deny or Terminate) has occurred. "Observed" indicates a block.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
An organization has found application.exe running on some machines in their Workstations policy.
Application.exe has a SUSPECT_MALWARE reputation and runs from C:\Program Files\IT\Tools. The Workstations policy has the following rules which could apply:
Blocking and Isolation Rule
Application on the company banned list > Runs or is running > Deny
Known malware > Runs or is running > Deny
Suspect malware > Runs or is running > Terminate
Permissions Rule
C:\Program Files\IT\Tools\* > Performs any operation > Bypass
Which action, if any, should an administrator take to ensure application.exe cannot run?
A. Add the hash to the company banned list at a higher priority.
B. Remove the Permissions rule for C:\Program FilesMTVToolsV.
C. Change the reputation to KNOWN MALWARE to a higher priority.
D. No action needs to be taken as the file will be blocked based on reputation alone.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
An administrator has configured a permission rule with the following options selected:
Application at path: C:\Program Files\**
Operation Attempt: Performs any operation
Action: Bypass
What is the impact, if any, of using the wildcards in the path?
A. No Files will be ignored from the "Program Files" director/, but Malware in the "Program Files" directory will continue to be blocked.
B. Executable files in the "Program Files" folder will be blocked.
C. All executable files in the "Program Files" folder and subfolders will be ignored, includingmalware files.
D. Only executable files in the "Program Files" folder will be ignored, includingmalware files.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
1227 お客様のコメント





Chiyoya -
ひたすらソフト版を利用して、勉強し直しました。内容がしっかり覚えて、試験を合格できました。
やはり信頼できる商品です。
ほかの資格も取得予定がありますが、今後もとよろしくお願いします。