- All Exams Instant Download
What is the best way to update the workflow?
You have an existing workflow that is triggered on a critical detection that sends an email to the escalation team. Your CISO has asked to also be notified via email with a customized message. What is the best way to update the workflow?A . Clone the workflow and replace the...
Where should you first check for potential failures?
An analyst has reported they are not receiving workflow triggered notifications in the past few days. Where should you first check for potential failures?A . Custom Alert HistoryB . Workflow Execution logC . Workflow Audit logD . Falcon UI Audit TrailView AnswerAnswer: B
Which statement is TRUE concerning Falcon sensor certificate validation?
The Falcon sensor uses certificate pinning to defend against man-in-the-middle attacks. Which statement is TRUE concerning Falcon sensor certificate validation?A . SSL inspection should be configured to occur on all Falcon trafficB . Some network configurations, such as deep packet inspection, interfere with certificate validationC . HTTPS interception should be...
Which other operating system(s) will this policy manage?
You have created a Sensor Update Policy for the Mac platform. Which other operating system(s) will this policy manage?A . *nixB . WindowsC . Both Windows and *nixD . Only MacView AnswerAnswer: D Explanation: Reference: https://www.crowdstrike.com/blog/tech-center/how-to-manage-policies-in-falcon/
What is the purpose of precedence with respect to the Sensor Update policy?
What is the purpose of precedence with respect to the Sensor Update policy?A . Precedence applies to the Prevention policy and not to the Sensor Update policyB . Hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number)C . Hosts assigned...
What can the Quarantine Manager role do?
What can the Quarantine Manager role do?A . Manage and change prevention settingsB . Manage quarantined files to release and downloadC . Manage detection settingsD . Manage roles and usersView AnswerAnswer: B
Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?
Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?A . Next-Gen Antivirus (NGAV) protectionB . Adware and Potentially Unwanted Program detection and preventionC . Real-time offline protectionD . Identification and analysis of unknown executablesView AnswerAnswer: D
Which of the following parameters can be used to override the 20 minute default provisioning window?
You are attempting to install the Falcon sensor on a host with a slow Internet connection and the installation fails after 20 minutes. Which of the following parameters can be used to override the 20 minute default provisioning window?A . ExtendedWindow=1B . Timeout=0C . ProvNoWait=1D . Timeout=30View AnswerAnswer: C
Which is the correct order for manually installing a Falcon Package on a macOS system?
Which is the correct order for manually installing a Falcon Package on a macOS system?A . Install the Falcon package, then register the Falcon Sensor via the registration packageB . Install the Falcon package, then register the Falcon Sensor via command lineC . Register the Falcon Sensor via command line,...
What information is provided in Logan Activities under Visibility Reports?
What information is provided in Logan Activities under Visibility Reports?A . A list of all logons for all usersB . A list of last endpoints that a user logged in toC . A list of users who are remotely logged on to devices based on local IP and local portD...
