CrowdStrike CCFA-200 CrowdStrike Certified Falcon Administrator Online Training
The questions for CCFA-200 were last updated on Feb 13, 2025.
- Exam Code: CCFA-200
- Exam Name: CrowdStrike Certified Falcon Administrator
- Certification Provider: CrowdStrike
- Latest update: Feb 13, 2025
Under the "Next-Gen Antivirus: Cloud Machine Learning" setting there are two categories, one of them is "Cloud Anti-Malware" and the other is:
- A . Adware & PUP
- B . Advanced Machine Learning
- C . Sensor Anti-Malware
- D . Execution Blocking
What is the purpose of precedence with respect to the Sensor Update policy?
- A . Precedence applies to the Prevention policy and not to the Sensor Update policy
- B . Hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number)
- C . Hosts assigned to multiple policies will assume the lowest ranked policy in the list (policy with the highest number)
- D . Precedence ensures that conflicting policy settings are not set in the same policy
Which is the correct order for manually installing a Falcon Package on a macOS system?
- A . Install the Falcon package, then register the Falcon Sensor via the registration package
- B . Install the Falcon package, then register the Falcon Sensor via command line
- C . Register the Falcon Sensor via command line, then install the Falcon package
- D . Register the Falcon Sensor via the registration package, then install the Falcon package
When uninstalling a sensor, which of the following is required if the ‘Uninstall and maintenance protection’ setting is enabled within the Sensor Update Policies?
- A . Maintenance token
- B . Customer ID (CID)
- C . Bulk update key
- D . Agent ID (AID)
Which of the following Machine Learning (ML) sliders will only detect or prevent high confidence malicious items?
- A . Aggressive
- B . Cautious
- C . Minimal
- D . Moderate
You are attempting to install the Falcon sensor on a host with a slow Internet connection and the installation fails after 20 minutes.
Which of the following parameters can be used to override the 20-minute default provisioning window?
- A . ExtendedWindow=1
- B . Timeout=0
- C . ProvNoWait=1
- D . Timeout=30
Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host.
What is the most appropriate role that can be added to fulfill this requirement?
- A . Remediation Manager
- B . Real Time Responder - Read Only Analyst
- C . Falcon Analyst - Read Only
- D . Real Time Responder - Active Responder
Which option allows you to exclude behavioral detections from the detections page?
- A . Machine Learning Exclusion
- B . IOA Exclusion
- C . IOC Exclusion
- D . Sensor Visibility Exclusion
Which role will allow someone to manage quarantine files?
- A . Falcon Security Lead
- B . Detections Exceptions Manager
- C . Falcon Analyst - Read Only
- D . Endpoint Manager
When a host is placed in Network Containment, which of the following is TRUE?
- A . The host machine is unable to send or receive network traffic outside of the local network
- B . The host machine is unable to send or receive network traffic except to/from the Falcon Cloud and traffic allowed in the Firewall Policy
- C . The host machine is unable to send or receive any network traffic
- D . The host machine is unable to send or receive network traffic except to/from the Falcon Cloud and any resources allowlisted in the Containment Policy