An organization is seeing a new malicious process that has not been seen before.
Which tool can be used to block this process?
An administrator needs to make sure all files are scanned locally upon execution.
Which setting is necessary to complete this task?
An organization has found application.exe running on some machines in their Workstations policy. Application.exe has a SUSPECT_MALWARE reputation and runs from C:\Program Files\IT\Tools. The Workstations policy has the following rules which could apply:
Blocking and Isolation Rule
Permissions Rule
Which action, if any, should an administrator take to ensure application.exe cannot run?
An administrator is tasked to create a reputation override for a company-critical application based on the highest available priority in the reputation list. The company-critical application is already known by VMware Carbon Black.
Which method of reputation override must the administrator use?
An administrator has configured a permission rule with the following options selected:
Application at path: C:\Program Files\**
Operation Attempt: Performs any operation
Action: Bypass
What is the impact, if any, of using the wildcards in the path?
Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits
Get All 60 Questions & Answers