VMware Related Exams
5V0-93.22 Exam
An administrator has determined that the following rule was the cause for an unexpected block:
[Suspected malware] [Invokes a command interpreter] [Terminate process]
All reputations for the process which was blocked show SUSPECT_MALWARE.
Which reputation was used by the sensor for the decision to terminate the process?
An administrator has configured a permission rule with the following options selected:
Application at path: C:\Program Files\**
Operation Attempt: Performs any operation
Action: Bypass
What is the impact, if any, of using the wildcards in the path?
An administrator has configured a terminate rule to prevent an application from running. The administrator wants to confirm that the new rule would have prevented a previous execution that had been observed.
Which feature should the administrator leverage for this purpose?