What is the next step to disable RTR only on these hosts?
Your organization has a set of servers that are not allowed to be accessed remotely, including via Real Time Response (RTR). You already have these servers in their own Falcon host group. What is the next step to disable RTR only on these hosts?
A. Edit the Default Response Policy,...
Which of the following Machine Learning (ML) sliders will only detect or prevent high confidence malicious items?
Which of the following Machine Learning (ML) sliders will only detect or prevent high confidence malicious items?
A. Aggressive
B. Cautious
C. Minimal
D. Moderate
Answer: B
Which of the following parameters can be used to override the 20 minute default provisioning window?
You are attempting to install the Falcon sensor on a host with a slow Internet connection and the installation fails after 20 minutes. Which of the following parameters can be used to override the 20 minute default provisioning window?
A. ExtendedWindow=1
B. Timeout=0
C. ProvNoWait=1
D. Timeout=30
Answer: C
Where should you first check for potential failures?
An analyst has reported they are not receiving workflow triggered notifications in the past few days. Where should you first check for potential failures?
A. Custom Alert History
B. Workflow Execution log
C. Workflow Audit log
D. Falcon UI Audit Trail
Answer: B
Which exclusion pattern will prevent detections on a file at C:\Program Files\My Program\My Files\program.exe?
Which exclusion pattern will prevent detections on a file at C:\Program Files\My Program\My Files\program.exe?
A. Program FilesMy ProgramMy Files*
B. Program FilesMy Program*
C. **
D. *Program FilesMy Program*
Answer: A
When uninstalling a sensor, which of the following is required if the 'Uninstall and maintenance protection' setting is enabled within the Sensor Update Policies?
When uninstalling a sensor, which of the following is required if the 'Uninstall and maintenance protection' setting is enabled within the Sensor Update Policies?
A. Maintenance token
B. Customer ID (CID)
C. Bulk update key
D. Agent ID (AID)
Answer: A
Which is the correct order for manually installing a Falcon Package on a macOS system?
Which is the correct order for manually installing a Falcon Package on a macOS system?
A. Install the Falcon package, then register the Falcon Sensor via the registration package
B. Install the Falcon package, then register the Falcon Sensor via command line
C. Register the Falcon Sensor via command line,...
When creating new IOCs in IOC management, which of the following fields must be configured?
When creating new IOCs in IOC management, which of the following fields must be configured?
A. Hash, Description, Filename
B. Hash, Action and Expiry Date
C. Filename, Severity and Expiry Date
D. Hash, Platform and Action
Answer: D
Under the "Next-Gen Antivirus: Cloud Machine Learning" setting there are two categories, one of them is "Cloud Anti-Malware" and the other is:
Under the "Next-Gen Antivirus: Cloud Machine Learning" setting there are two categories, one of them is "Cloud Anti-Malware" and the other is:
A. Adware & PUP
B. Advanced Machine Learning
C. Sensor Anti-Malware
D. Execution Blocking
Answer: A
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?
A. To group hosts with others in the same business unit
B. To group hosts according to the order in which Falcon was installed, so that updates are installed in the same order every time
C....