Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?
Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?A . Program FilesMy ProgramMy Files* B. Program FilesMy Program* C. ** D. *Program FilesMy Program*View AnswerAnswer: A
Once an exclusion is saved, what can be edited in the future?
Once an exclusion is saved, what can be edited in the future?A . All parts of the exclusion can be changed B. Only the selected groups and hosts to which the exclusion is applied can be changed C. Only the options to "Detect/Block" and/or "File Extraction" can be changed D....
In order to quarantine files on the host, what prevention policy settings must be enabled?
In order to quarantine files on the host, what prevention policy settings must be enabled?A . Malware Protection and Custom Execution Blocking must be enabled B. Next-Gen Antivirus Prevention sliders and "Quarantine & Security Center Registration" must be enabled C. Malware Protection and Windows Anti-Malware Execution Blocking must be enabled...
What impact does disabling detections on a host have on an API?
What impact does disabling detections on a host have on an API?A . Endpoints with detections disabled will not alert on anything until detections are enabled again B. Endpoints cannot have their detections disabled individually C. DetectionSummaryEvent stops sending to the Streaming API for that host D. Endpoints with detections...
Which role will allow someone to manage quarantine files?
Which role will allow someone to manage quarantine files?A . Falcon Security Lead B. Detections Exceptions Manager C. Falcon Analyst C Read Only D. Endpoint ManagerView AnswerAnswer: B
How are user permissions set in Falcon?
How are user permissions set in Falcon?A . Permissions are assigned to a User Group and then users are assigned to that group, thereby inheriting those permissions B. Pre-defined permissions are assigned to sets called roles. Users can be assigned multiple roles based on job function and they assume a...
What is the most appropriate role that can be added to fullfil this requirement?
Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fullfil this requirement?A . Remediation Manager B....
What is the purpose of precedence with respect to the Sensor Update policy?
What is the purpose of precedence with respect to the Sensor Update policy?A . Precedence applies to the Prevention policy and not to the Sensor Update policy B. Hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number) C. Hosts assigned...
Why is the ability to disable detections helpful?
Why is the ability to disable detections helpful?A . It gives users the ability to set up hosts to test detections and later remove them from the console B. It gives users the ability to uninstall the sensor from a host C. It gives users the ability to allowlist a...
What is the maximum number of patterns that can be added when creating a new exclusion?
What is the maximum number of patterns that can be added when creating a new exclusion?A . 10 B. 0 C. 1 D. 5View AnswerAnswer: D