An administrator needs to fully analyze the relevant information of an event stored in the VMware Carbon Black Cloud.
On which page can this information be found?
Which statement accurately characterizes Alerts that are categorized as a "Threat" versus those categorized as "Observed"?
An organization is seeing a new malicious process that has not been seen before.
Which tool can be used to block this process?
A company wants to prevent an executable from running in their organization. The current reputation for the file is NOT LISTED, and the machines are in the default standard policy.
Which action should be taken to prevent the file from executing?
Which VMware Carbon Black Cloud process is responsible for uploading event reporting to VMware Carbon Black Cloud?
An administrator wants to be notified when particular Tactics, Techniques, or Procedures (TTPs) are observed on a managed endpoint.
Which notification option must the administrator configure to receive this notification?
An administrator would like to proactively know that something may get blocked when putting a policy rule in the environment.
How can this information be obtained?
A security administrator is tasked to investigate an alert about a suspicious running process trying to modify a system registry.
Which components can be checked to further inspect the cause of the alert?
Which statement is true regarding Blocking/Isolation rules and Permission rules?
A script-based attack has been identified that inflicted damage to the corporate systems. The security administrator found out that the malware was coded into Excel VBA and would like to perform a search to further inspect the incident.
Where in the VMware Carbon Black Cloud Endpoint Standard console can this action be completed?