Online Access Free VMware.5V0-91.20.v2021-11-03.q45 Practice Test (Page 4)

5V0-91.20 Exam Question 11

An administrator wants to allow files to run from a network share.
Which rule type should the administrator configure?

A.Execute Prompt (Shared Path)

B.Network Execute (Allow)

C.Trusted Path

D.Write Approve (Network)

5V0-91.20 Exam Question 12

An Enterprise EDR administrator wants to use Watchlists curated by VMware Carbon Black and other threat intelligence specialists.
How should the administrator add these curated Watchlists from the Watchlists page?

A.Click Add Watchlists, and input the URL(s) for the desired Watchlists.

B.Click Take Action, select Edit, and select the desired Watchlists.

C.Click Take Action, and select Subscribe for the desired Watchlists.

D.Click Add Watchlists, on the Subscribe tab select the desired Watchlists, and click Subscribe.

5V0-91.20 Exam Question 13

An analyst on the security team noticed that several alerts are false positives within Enterprise EDR. The analyst disables the IOC within the report from those alerts.
Which statement correctly explains what disabling the IOC will accomplish?

A.That specific IOC in the report will no longer generate hits or alerts on the device from the alert.

B.The report will no longer generate hits or alerts on the device from the alert.

C.The report will no longer generate hits or alerts.

D.That specific IOC in the report will no longer generate hits or alerts.

5V0-91.20 Exam Question 14

Which two statements are true regarding Live Response? (Choose two.)

A.Live Response opens an SSH session with the remote device.

B.Live Response requires both view and manage permissions to use.

C.Live Response supports one user per session on an endpoint.

D.Live Response utilizes the same channel for sensor-server communications.

E.Live Response can only be initiated through the user interface.

5V0-91.20 Exam Question 15

An Enterprise EDR administrator is reviewing the Investigate page and believes they are receiving false positive hits from specific watchlist.
Which three options reduce future false positive hits from this watchlist? (Choose three.)

A.Dismiss the watchlist hit.

B.Disable/remove the report associated with the false positives.

C.Select edit watchlist and uncheck alert on hits.

D.Disable/remove the IOC associated with the false positives.

E.Disable the watchlist associated with the false positives.

F.Modify policy rules to exclude the false positive directory.

Premium Bundle

Newest 5V0-91.20 Exam PDF Dumps shared by Actual4test.com for Helping Passing 5V0-91.20 Exam! Actual4test.com now offer the updated 5V0-91.20 exam dumps, the Actual4test.com 5V0-91.20 exam questions have been updated and answers have been corrected get the latest Actual4test.com 5V0-91.20 pdf dumps with Exam Engine here:

Access 5V0-91.20 Premium Version

(115 Q&As Dumps, 30%OFF Special Discount: Freepdfdumps)

Other Version: 56VMware.Pass4surequiz.5V0-91.20.v2022-05-02.by.beatrice.46q.pdf; 1323VMware.5V0-91.20.v2022-02-05.q46; 112VMware.Prepawayete.5V0-91.20.v2021-08-07.by.nicholas.41q.pdf

Latest Upload: 169ACSM.020-222.v2025-09-11.q48; 157VMware.5V0-31.23.v2025-09-10.q73; 131Oracle.1z0-915-1.v2025-09-10.q24; 160Citrix.1Y0-231.v2025-09-10.q87; 135SAP.C-THR85-2505.v2025-09-09.q29; 166Adobe.AD0-E727.v2025-09-09.q76; 130Oracle.1Z0-1123-25.v2025-09-09.q20; 136SAP.C_SIGPM_2403.v2025-09-08.q20; 254EXIN.ITIL.v2025-09-08.q161; 172BCS.PC-BA-FBA-20.v2025-09-08.q45