Associate VMware Security v1.0
Question 1
Which option would be considered an example of a Hardware Based Exploit?
- A. SQL Injection
- B. Social Engineering
- C. Jail Breaking
- D. Denial of Service
Answer : C
Reference:
https://www.kaspersky.com/resource-center/definitions/what-is-jailbreaking
Question 2
Network Security teams can leverage Micro-Segmentation for which purpose?
- A. deny attackers the possibility to breach the data center perimeter
- B. deny attackers the opportunity to move laterally within the internal network
- C. replace the need to leverage traditional network segmentation
- D. prevent a successful attack to any of the systems attached to the network
Answer : B
Question 3
Which three common mitigations for social engineering attacks? (Choose three.)
- A. user training
- B. filtering Email attachments
- C. update Antivirus software
- D. remove applications
- E. blocking execution of suspicious files
Answer : ACE
Question 4
In Workspace ONE Intelligence, which of the following is a role that can be assigned to an administrator account?
- A. Super User
- B. Helpdesk
- C. Read-only
- D. Automater
Answer : A
Question 5
In Workspace ONE UEM, from which menu would you access Workspace ONE Intelligence?
- A. Apps & Books
- B. General Settings
- C. Device
- D. Monitor
Answer : D
Explanation:
Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE/services/intelligence-documentation/GUID-01_intel_intro.html#:~:text=Access%20Workspace
%20ONE%20Intelligence&text=Access%20the%20reports%20by%20navigating,console%2C%20follow%20the%20required%20steps
Question 6
Which VMware application enrolls an endpoint into Workspace ONE?
- A. Workspace ONE Web
- B. CB Defense Sensor
- C. VMware Horizon Client
- D. Workspace ONE Intelligent Hub
Answer : D
Explanation:
Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/Windows_Desktop_Device_Management/GUID- uemWindeskDeviceEnrollment.html
Question 7
Least Privilege is a common method for minimizing the risk of what kind of threat?
- A. Insider Threats
- B. Spear Phishing
- C. Distributed Denial of Service
- D. Man in the Middle
Answer : A
Reference:
https://www.beyondtrust.com/blog/entry/what-is-least-privilege
Question 8
Which VMware Carbon Black Cloud function allows an administrator to remotely run commands on protected endpoints?
- A. Live Query
- B. Alert Triage
- C. Investigate
- D. Live Response
Answer : A
Reference:
https://docs.vmware.com/en/VMware-Carbon-Black-Cloud/services/carbon-black-cloud-user-guide.pdf
(26)
Question 9
Which NSX functionality allows technology partners to integrate third-party solutions to examine North-South and East-West network traffic?
- A. Guest Introspection
- B. Network Introspection
- C. Gateway Firewall
- D. Distributed Firewall
Answer : B
Question 10
An organization using VMware Carbon Black makes use of an unsigned third party application that is critical to business function. Unfortunately, the application has a reputation of Potentially Unwanted Program and is prevented from running based on the policy.
What Approved list mechanism will allow this application to run in your environment while maintaining the most secure posture?
- A. MD5 Hash based
- B. Certs based
- C. IT Tools based
- D. SHA-256 Hash based
Answer : D
Reference:
https://community.carbonblack.com/gbouw27325/attachments/gbouw27325/product-docs-news/3221/1/VMware%20Carbon%20Black%20App%
20Control%20User%20Guide%20v8.6.pdf
Question 11
Which three are components of the NSX-T Software-defined Firewall? (Choose three.)
- A. NSX Distributed IDS
- B. NSX Identity Firewall
- C. NSX Edge Firewall
- D. NSX Intelligence
- E. NSX Distributed Firewall
- F. NSX Identity Manager
Answer : ADE
Reference:
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmware-nsx-datasheet.pdf
Question 12
What is one of the limitations of traditional Antivirus when compared to Next Generation Antivirus?
- A. Traditional AV does not need a client installed on the machines to function
- B. Traditional AV focuses on signature or definition based threats
- C. Traditional AV requires integration with a SIEM to use the next generation features
- D. Traditional AV does not provide a dashboard
Answer : B
Explanation:
Reference:
https://cipher.com/blog/next-generation-antivirus-ngav-vs-traditional-subscription-antivirus/
Question 13
In VMware Carbon Black Cloud, which reputations have the highest priority during analysis?
- A. Known Priority
- B. Trusted Allow List
- C. Company Allow List
- D. Ignore
Answer : B
Question 14
If the Compromised Protection switch is enabled in Workspace ONE UEM, what is the expected behavior on compromised devices in the environment?
- A. A tag is assigned to the compromised devices and the admin gets notification
- B. Compromised devices are automatically Enterprise Wiped
- C. A block is set for all network connections except to the VMware servers
- D. Devices are marked as non-compliant and the admin gets a notification
Answer : D
Question 15
In a Workspace ONE deployment, Per App Tunnel uses the Native Platform API for which platforms?
- A. iOS & Android only
- B. iOS, Android, MacOS & Windows
- C. iOS & MacOS only
- D. Android & Windows only
Answer : A
Explanation:
Reference:
https://techzone.vmware.com/deploying-vmware-workspace-one-tunnel-workspace-one-operational-tutorial#_1223703