VMware 1v0-81-20 online test

Question 1

Which VMware product allows you to query an endpoint like a database?

• A. VMware NSX-T Data Center
• B. VMware Carbon Black Audit & Remediation
• C. VMware Workspace ONE UEM
• D. VMware Carbon Black Endpoint Standard

Answer:

C

Question 2

Which three are industry best practices of Zero Trust framework? (Choose three.)

• A. Employee machines need to have a passcode profile setup
• B. Employee machines on Internal network are trusted and have access to all internal resources
• C. Employee machines are checked for compliance before they get access to applications
• D. Employees are not required to provide MFA to access internal resources over VPN
• E. Employees get access to only the required resources to get their job done

Answer:

A, C, E

Question 3

Which three default connectors are available in Workspace ONE Intelligence to execute automation
actions? (Choose three.)

• A. ServiceNow
• B. vRealize Operations Manager
• C. Slack
• D. Log Insight
• E. Workspace ONE UEM

Answer:

A, C, E

Explanation:
Reference:
https://docs.vmware.com/en/VMware-Workspace-ONE/services/intelligence-documentation/GUID-21_intel_automations.html

Question 4

Refer to the exhibit.

Which statement is true about the firewall rule?

• A. It is a gateway firewall applied to a Tier-0 gateway that drops traffic on port 22
• B. It is a distributed firewall applied to App-Services, DB-Servers and Web-Servers that rejects traffic on port 22
• C. It is a distributed firewall applied to App-Services, DB-Servers and Web-Servers that drops traffic on port 22
• D. It is a gateway firewall applied to a Tier-0 gateway that rejects traffic on port 22

Answer:

A

Question 5

Refer to the exhibit.

From the VMware Carbon Black Cloud console, what page do you go to after clicking the Non-
Malware bar in the Potentially Suspicious Activity chart?

• A. Notifications page with the selected alert filtered
• B. Reputations page with the selected reputation filtered
• C. Investigate page with the selected reputation filtered
• D. Alerts page with the selected alert filtered

Answer:

D

Reference:
https://docs.vmware.com/en/VMware-Carbon-Black-Cloud/services/carbon-black-cloud-
user-guide.pdf
(15)

Question 6

Which four alert filters are available in the VMware Carbon Black Cloud Investigate page? (Choose
four.)

• A. Watchlist
• B. Target Value
• C. Policy
• D. Security Alert List
• E. Effective Reputation
• F. Alert Severity

Answer:

A, B, C, F

Question 7

Which is a common solution to implement for inbound network attacks?

• A. Load Balancer
• B. Firewall
• C. Proxy
• D. Reverse Proxy

Answer:

B

Question 8

Which two are true about a VMware Service-defined Firewall? (Choose two.)

• A. A firewall that allows you to use 3rd party features like IDS/IPS, threat protection, anti-bot, and anti-virus solutions
• B. A firewall that blocks external access into your internal network based on IP services
• C. A firewall that enforces policy for North-South traffic
• D. A firewall that is auto scalable as new workloads are deployed
• E. A firewall that provides East-West protection between internal applications

Answer:

A, E

Question 9

Which of the following is true about VMware Carbon Black Cloud Enterprise EDR watchlists?

• A. They only update annually
• B. You cannot customize them
• C. They are made up of reports
• D. Each watchlist is user specific

Answer:

D

Reference:
https://docs.vmware.com/en/VMware-Carbon-Black-
EDR/7.5/VMware%20Carbon%20Black%20EDR%207.5%20User%20Guide.pdf

Question 10

A technician has been asked to confirm a specific browser extension does not exist on any endpoint
in their environment.
Which is the VMware Carbon Black tool to use for this task?

• A. Enterprise EDR
• B. EDR
• C. Audit and Remediation
• D. Endpoint Standard

Answer:

A