Which role allows a user to connect to hosts using Real-Time Response?

A. Endpoint Manager
B. Falcon Administrator
C. Real Time Responder - Active Responder
D. Prevention Hashes Manager

Answer: C

January 9, 2024

When creating new IOCs in IOC management, which of the following fields must be configured?

A. Hash, Description, Filename
B. Hash, Action and Expiry Date
C. Filename, Severity and Expiry Date
D. Hash, Platform and Action

Answer: D

January 8, 2024

How do you find a list of inactive sensors?

A. The Falcon platform does not provide reporting for inactive sensors
B. A sensor is always considered active until removed by an Administrator
C. Run the Inactive Sensor Report in the Host setup and management option
D. Run the Sensor Aging...

January 8, 2024

Which of the following is TRUE of the Logon Activities Report?

A. Shows a graphical view of user logon activity and the hosts the user connected to
B. The report can be filtered by computer name
C. It gives a detailed list of all logon activity for users
D. It...

January 8, 2024

What is the most appropriate role that can be added to fulfill this requirement?

Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fulfill this requirement?

A. Remediation Manager
B. ...

January 8, 2024

When a host is placed in Network Containment, which of the following is TRUE?

A. The host machine is unable to send or receive network traffic outside of the local network
B. The host machine is unable to send or receive network traffic except to/from the Falcon Cloud and traffic...

January 7, 2024

Where do you obtain the Windows sensor installer for CrowdStrike Falcon?

A. Sensors are downloaded from the Hosts > Sensor Downloads
B. Sensor installers are unique to each customer and must be obtained from support
C. Sensor installers are downloaded from the Support section of the CrowdStrike website
D. Sensor...

January 7, 2024

Where can you modify settings to permit certain traffic during a containment period?

A. Prevention Policy
B. Host Settings
C. Containment Policy
D. Firewall Settings

Answer: C

January 7, 2024

Which role do you need added to your user account to have this capability?

Even though you are a Falcon Administrator, you discover you are unable to use the "Connect to Host" feature to gather additional information which is only available on the host. Which role do you need added to your user account to have this capability?

A. Real Time Responder
B. Endpoint...

January 7, 2024

Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?

A. Next-Gen Antivirus (NGAV) protection
B. Adware and Potentially Unwanted Program detection and prevention
C. Real-time offline protection
D. Identification and analysis of unknown executables

Answer: D

January 7, 2024