What is the maximum number of patterns that can be added when creating a new exclusion?
A. 10
B. 0
C. 1
D. 5
Answer: C
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?
A. To group hosts with others in the same business unit
B. To group hosts according to the order in which Falcon was installed, so that updates are installed in the same order every time
C. ...
What is the best way to prevent these in the future?
You have determined that you have numerous Machine Learning detections in your environment that are false positives. They are caused by a single binary that was custom written by a vendor for you and that binary is running on many endpoints. What is the best way to prevent these in...
Once an exclusion is saved, what can be edited in the future?
A. All parts of the exclusion can be changed
B. Only the selected groups and hosts to which the exclusion is applied can be changed
C. Only the options to "Detect/Block" and/or "File Extraction" can be changed
D. ...
When creating a Host Group for all Workstations in an environment, what is the best method to ensure all workstation hosts are added to the group?
A. Create a Dynamic Group with Type=Workstation Assignment
B. Create a Dynamic Group and Import All Workstations
C. Create a Static Group and Import...
Which other operating system(s) will this policy manage?
You have created a Sensor Update Policy for the Mac platform. Which other operating system(s) will this policy manage?
A. *nix
B. Windows
C. Both Windows and *nix
D. Only Mac
Answer: D
Explanation: Reference: https://www.crowdstrike.com/blog/tech-center/how-to-manage-policies-in-falcon/
Which of the following is TRUE of the Logon Activities Report?
A. Shows a graphical view of user logon activity and the hosts the user connected to
B. The report can be filtered by computer name
C. It gives a detailed list of all logon activity for users
D. It...
Which is the best way to accomplish this?
You have been provided with a list of 100 hashes that are not malicious but your company has deemed to be inappropriate for work computers. They have asked you to ensure that they are not allowed to run in your environment. You have chosen to use Falcon to do this....
When uninstalling a sensor, which of the following is required if the 'Uninstall and maintenance protection' setting is enabled within the Sensor Update Policies?
A. Maintenance token
B. Customer ID (CID)
C. Bulk update key
D. Agent ID (AID)
Answer: A
Which of the following applies to Custom Blocking Prevention Policy settings?
A. Hashes must be entered on the Prevention Hashes page before they can be blocked via this policy
B. Blocklisting applies to hashes, IP addresses, and domains
C. Executions blocked via hash blocklist may have partially executed prior to...