A security analyst is investigating a threat alert in VMware Carbon Black Cloud. They need to understand the full execution chain of a suspicious binary, including all parent and child processes, network connections, and registry modifications initiated by the threat. Which feature within the Carbon Black Cloud console provides this detailed, chronological visualization?
Q2
A company is implementing a Zero Trust security model for its data center using VMware NSX-T. The primary goal is to prevent lateral movement of threats by isolating every workload. Which NSX-T feature is the most fundamental component for achieving this level of granular, workload-centric isolation?
Q3 (Multiple answers)
A Workspace ONE administrator needs to configure a compliance policy that automatically performs an enterprise wipe on any jailbroken or rooted Android device as soon as it is detected. Which two components must be configured in the Workspace ONE UEM console to achieve this? (Select TWO)
Q4
True or False: VMware Carbon Black Cloud's Next-Generation Antivirus (NGAV) capabilities rely solely on signature-based detection to identify and block malware.
Q5
A financial services firm is deploying VMware Carbon Black Cloud. Due to strict data residency regulations, all endpoint telemetry data must be stored and processed within the European Union. During the initial setup of the Carbon Black Cloud organization, which setting determines the geographical location of the data storage?
Q6
An administrator is reviewing the performance of the Carbon Black Cloud sensor on a fleet of developer workstations. They notice that builds of a custom, in-house application are taking significantly longer than expected. They suspect the sensor's real-time scanning is causing the performance degradation. What is the most precise and secure method to exclude the application's build directory from scanning without creating a broad security gap?
Q7
A security team is designing an NSX-T Distributed Firewall policy for a three-tier web application. The policy must enforce the following communication flow:

```mermaid
graph TD
    Internet --> F5_LB[Load Balancer]
    F5_LB --> Web_Tier
    Web_Tier -->|TCP/8443| App_Tier
    App_Tier -->|TCP/1433| DB_Tier
```

Which type of DFW rule should be created to allow traffic from the Web_Tier to the App_Tier?
Q8
A company uses Workspace ONE UEM to manage its corporate-owned iOS devices. A new security mandate requires that devices must be updated to the latest major iOS version within 30 days of its public release. How can an administrator enforce this policy and track compliance?
Q9
A new administrator is trying to understand the different policy modes in VMware Carbon Black Cloud. They need to configure a policy for a group of critical servers that should block all known malware but only report on, not block, potentially unwanted programs (PUPs). Which policy mode should be used?
Q10
**Case Study**

A healthcare organization, HealthFirst, is modernizing its security posture to protect sensitive patient data (ePHI) and comply with HIPAA regulations. Their environment consists of a vSphere-based private cloud hosting their Electronic Health Record (EHR) system and a mix of corporate-owned and BYOD mobile devices used by clinicians to access patient information. The CISO has mandated a move to a Zero Trust architecture.

The EHR system is a classic three-tier application (Web, Application, Database). Currently, all servers for this application reside on the same VLAN, allowing unrestricted communication between them. Clinicians use a variety of iOS and Android devices to access a web portal for the EHR system. The security team has identified lateral movement within the data center and unmanaged, non-compliant mobile devices as their two biggest risks.

**Requirements:**

1. Prevent lateral threat movement between the EHR application tiers.
2. Ensure that only compliant and trusted mobile devices can access the EHR web portal.
3. Provide detailed visibility into any attempted attacks on the EHR servers.
4. The solution must be centrally managed and integrated.

Which combination of VMware products best fulfills all of HealthFirst's requirements?