Under the "Next-Gen Antivirus: Cloud Machine Learning" setting there are two categories. One of them is "Cloud Anti-Malware" and the other is:
A. Adware & PUP
B. Advanced Machine Learning
C. Sensor Anti-Malware
D. Execution Blocking
Answer: A

When creating new IOCs in IOC management, which of the following fields must be configured?
A. Hash, Description, Filename
B. Hash, Action and Expiry Date
C. Filename, Severity and Expiry Date
D. Hash, Platform and Action
Answer: D

The Falcon sensor uses certificate pinning to defend against man-in-the-middle attacks. Which statement is TRUE concerning Falcon sensor certificate validation?
A. SSL inspection should be configured to occur on all Falcon traffic
B. Some network configurations, such as deep packet inspection, interfere with certificate validation
C. HTTPS interception should be...

What impact does disabling detections on a host have on an API?
A. Endpoints with detections disabled will not alert on anything until detections are enabled again
B. Endpoints cannot have their detections disabled individually
C. DetectionSummaryEvent stops sending to the Streaming API for that host
D. Endpoints with detections...

What command should be run to verify if a Windows sensor is running?
A. regedit myfile.reg
B. sc query csagent
C. netstat -f
D. ps -ef | grep falcon
Answer: B

Which port and protocol does the sensor use to communicate with the CrowdStrike Cloud?
A. TCP port 22 (SSH)
B. TCP port 443 (HTTPS)
C. TCP port 80 (HTTP)
D. TCP UDP port 53 (DNS)
Answer: B

How do you disable all detections for a host?
A. Create an exclusion rule and apply it to the machine or group of machines
B. Contact support and provide them with the Agent ID (AID) for the machine and they will put it on the Disabled Hosts list in your...

You have an existing workflow that is triggered on a critical detection that sends an email to the escalation team. Your CISO has asked to also be notified via email with a customized message. What is the best way to update the workflow?
A. Clone the workflow and replace the...

An administrator creating an exclusion is limited to applying a rule to how many groups of hosts?
A. File exclusions are not aligned to groups or hosts
B. There is a limit of three groups of hosts applied to any exclusion
C. There is no limit and exclusions can be...

Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fulfill this requirement?
A. Remediation Manager
B. ...