2V0-81.20 Online Practice Questions and Answers

An administrator found an unwanted/untrusted application running in their environment.

What is the most efficient way of preventing the unwanted application from running and stopping any

existing instances in Carbon Black Cloud?

A. Mark the file as a PUP (Potentially Unwanted Program).

B. Add a rule to each policy for unwanted.exe runs or if running terminate.

C. Send a delete application request to each machine.

D. Add the unwanted files hash to the company banned list.

In a Carbon Black Cloud deployment, which two are recommended troubleshooting steps for Live Response not working? (Choose two.)

A. Restart the Live Response Service three times to autocorrect.

B. Ensure a duplicate Live Response session does not exist.

C. Confirm Live Response is enabled in Sensor Policy settings.

D. Ensure the account has RBAC permission for Live Response.

E. Confirm the Live Response timeline spans the search window.

Which is the built-in two factor authentication method in Workspace ONE Access?

A. VMware Verify

B. VMware SMS

C. VMware Auth

D. VMware Push

Refer to the exhibit.

What command was run on the NSX Edge node to pull this information?

A. get tunnel-ID

B. show vteps

C. get vteps

D. list vteps

Which two options are available for Windows Update Source when creating a Windows Profile for patch management in a Workspace ONE deployment? (Choose two.)

A. VMware Update Manager

B. Microsoft Update Service

C. VMware Update Service

D. Cloud Update Service

E. WSUS

Which three statements are correct for Active Directory integration with Identity Firewalls (IDFW) in an NSX-T Data Center deployment? (Choose three.)

A. The IDFW can be used on both physical and virtual servers as long as supported operating system is installed.

B. The Thin Agent must be enabled in VMWare tools as it is not enabled by default.

C. The IDFW can be used for Virtual Desktops (VDI) or Remote desktop sessions (RDSH support).

D. Identity-based groups can be used as the source or destination in DFW rules.

E. User identity information is provided by the NSX Guest Introspection Thin Agent.

An administrator has deployed a new NSX Distributed Firewall rule that allows only TLS 1.2 and TLS 1.3 HTTPS connections. The new rule is working, but TLS 1.0 and TLS 1.1 connections are still occurring. What step is required to enforce the TLS policy restriction?

A. Configure a Context Profile and select DNS-TCP and DNS-UDP attributes.

B. Configure a Context Profile and select a FQDN attributes.

C. Configure a Context Profile and select TLS 1.2 and 1.3 attributes.

D. Configure a Context Profile and select HTTPS and HTTP attributes.

In an NSX-T Data Center deployment, when assigning user rights, what right would an administrator assign to a user to administer security compliance policies?

A. Auditor

B. Security Engineer

C. NSX Administrator

D. Security Administrator

An administrator works for a company that supplies iOS devices to its employees. The administrator is notified there is a security vulnerability with the latest version of iOS. The administrator must prevent users from updating devices immediately. The administrator implements a device profile to configure the updates payload and prevent the devices from detecting the update. How long can devices be prevented from accessing the update from Apple?

A. 90 Days

B. 60 Days

C. 30 Days

D. 180 Days

What is the number of NSX managers that can be deployed in a NSX-T Data Center production environment?

A. a single NSX Manager and three NSX Controllers

B. a NSX Management Cluster of three Managers and a NSX Controllers Cluster of three Controllers

C. a single NSX Management Cluster of three Managers which includes the NSX Controller function

D. a single NSX Manager and a single NSX Controller