5V0-91.20 Exam Question 31
An administrator uses the following Enterprise EDR search query to show web browsers spawning nonbrowser child processes that connect over the network:
(parent_name:chrome.exe OR parent_name:iexplore.exe OR parent_name:firefox.exe) AND (NOT process_name:chrome.exe OR NOT process_name:iexplore.exe OR NOT process_name:firefox.exe)
Which field can be added to this query to filter the results by signature status?
5V0-91.20 Exam Question 32
An Enterprise EDR administrator is reviewing the Investigate page and believes they are receiving false positive hits from a specific watchlist.
Which three options reduce future false positive hits from this watchlist? (Choose three.)
5V0-91.20 Exam Question 33
Which statement correctly defines the results of ignoring a feed report?
5V0-91.20 Exam Question 34
Which statement filters data to only return rows where the publisher of the software includes VMware anywhere in the name?
5V0-91.20 Exam Question 35
An Endpoint Standard administrator is working with an IT team to explicitly permit specific applications from the environment using both the IT Tools and Certs Approved List features.
Once applied, which reputation would these applications be classified under for processing?
