Valid 5V0-93.22 Dumps shared by ExamDiscuss.com for Helping Passing 5V0-93.22 Exam! ExamDiscuss.com now offer the newest 5V0-93.22 exam dumps, the ExamDiscuss.com 5V0-93.22 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com 5V0-93.22 dumps with Test Engine here:
An administrator is investigating an alert and reads a summary that says: The application powershell.exe was leveraged to make a potentially malicious network connection. Which action should the administrator take immediately to block that connection?
Correct Answer: D
Explanation The correct answer is to click Drop Connection, which is a feature of VMware Carbon Black Cloud Endpoint Standard that allows the administrator to immediately terminate a network connection that is deemed malicious or suspicious. This feature can be accessed from the Alert Details page, where the administrator can see the application, process, and destination IP address of the connection. By clicking Drop Connection, the administrator can block the connection without affecting the rest of the system or network. This is a quick and effective way to stop a potential threat from communicating with a remote server or exfiltrating data. References: = VMware Carbon Black Cloud Endpoint Standard Skills Reference Materials, Section 4.3: Investigate Alerts, Subsection 4.3.2: Drop Connection.
