5V0-93.22 Exam Dumps : VMware Carbon Black Cloud Endpoint Standard Skills

 According to the VMware Carbon Black Cloud Endpoint Standard User Guide, the threshold, in days, before a machine shows as inactive in the console is 7 days. An inactive device is a device that has not communicated with the Carbon Black Cloud console for more than 7 days. The console displays the last communication time for each device on the Endpoints page. The administrator can use the Inactive Devices filter to view all the inactive devices in the organization. The administrator can also use the Device Status widget on the Dashboard page to see the number and percentage of inactive devices in the organization. The administrator can take various actions to resolve the inactive device issue, such as:

• Check the network connectivity and firewall settings of the device
• Check the sensor status and version on the device
• Check the policy settings and rules applied to the device
• Reinstall the sensor on the device
• Delete the device from the console if it is no longer in use References:
• VMware Carbon Black Cloud Endpoint Standard User Guide, page 14, Inactive Devices section.

According to the VMware Carbon Black Cloud Endpoint Standard User Guide, the Sensor Service (RepMqr) is the process that is responsible for uploading event reporting to VMware Carbon Black Cloud. The Sensor Service (RepMqr) is one of the components of the VMware Carbon Black Cloud sensor, which is the software agent that runs on the endpoints and collects and sends data to the VMware Carbon Black Cloud console. The Sensor Service (RepMqr) is responsible for the following tasks:

• Collecting and compressing endpoint events
• Sending endpoint events to the VMware Carbon Black Cloud console
• Receiving and applying policy updates from the VMware Carbon Black Cloud console
• Performing actions requested by the VMware Carbon Black Cloud console, such as quarantine, unquarantine, or bypass

The other processes are not responsible for uploading event reporting to VMware Carbon Black Cloud. The Sensor Service (RepUx) is the process that is responsible for uploading file metadata and content to VMware Carbon Black Cloud. The Scanner Service (scanhost) is the process that is responsible for scanning the endpoint for malicious files and activity. The Scanner Service (Re) is the process that is responsible for scanning the endpoint for reputation information. References:

• VMware Carbon Black Cloud Endpoint Standard User Guide, page 7, Sensor Components section, Sensor Service (RepMqr) subsection.

This feature allows the administrator to test the rule against historical data and see how many events would have matched the rule criteria in the past 24 hours. The administrator can also see the details of the matching events, such as the device name, the process name, the process path, the operation type, and the operation result. This feature can help the administrator to confirm that the new rulewould have prevented a previous execution that had been observed, as well as to evaluate the effectiveness and accuracy of the rule1.

The other options are not features that can be used for this purpose. A. Setting up a notification based on a policy action, and then selecting Terminate is a feature that allows the administrator to receive an alert when a terminate rule is triggered by a current event, but it does not allow the administrator to test the rule against historical data. C. Configuring the rule to terminate the process is a feature that allows the administrator to specify the action that the sensor will take when the rule is triggered by a current event, but it does not allow the administrator to test the rule against historical data. D. Configuring the rule to deny operation of the process is a feature that allows the administrator to specify a different action than terminate for the rule, but it does not allow the administrator to test the rule against historical data. References:

• Endpoint Standard Rules - VMware Docs, Test Rule section.