An administrator is troubleshooting App Control agent issues. When navigating to the Computer Details page, the administrator sees the following:
Answer : B
There is a need to ignore all activity at an application path.
Which rule definition should be used to address this need?
Answer : A
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Carbon-Black-Cloud-Console-How-to-Set-up-Exclusions-in-the/ta-p/42334
An analyst is investigating an alert within the Enterprise EDR console and needs to take action on it.
Which three actions are available to take on the alert? (Choose three.)
Answer : BCE
Reference:
https://community.carbonblack.com/t5/Knowledge-Base/Carbon-Black-Cloud-How-to-Dismiss-Alerts/ta-p/51766
An administrator needs to manage a group of sensors from within the console.
Which three actions are available for sensors within the Sensor Group? (Choose three.)
Answer : ACE
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjttoeA3ILvAhU6QhUIHZaND-YQFjAAegQIARAD&url=https%3A%2F%2Fcommunity.carbonblack.com%2Fgbouw27325%2Fattachments%2Fgbouw27325%2Fproduct-docs-news%2F3020%2F1%2FCB_EDR_7.3_User_Guide.pdf&usg=AOvVaw23smt4s66MWHdv9jM2PYF- (86)
An analyst has investigated two alerts on two separate HR workstations and found that notepad.exe has established communication to another IP address.
Which rule will kill notepad.exe entirely if this activity is detected in the future?
Answer : C
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwj88fL33YLvAhVQRhUIHYbdDxAQFjABegQIARAD&url=https%3A%2F%2Fwww.carbonblack.com%2Fblog%2Fcb-threatsight-investigation-reveals-retadup-worm-leverages-autoit-launch-monero-cryptomining-campaign%2F&usg=AOvVaw0De3tmD7FlQSs8VNMVsH7u