- All Exams Instant Download
Where should you first check for potential failures?
An analyst has reported they are not receiving workflow triggered notifications in the past few days. Where should you first check for potential failures?A . Custom Alert HistoryB . Workflow Execution logC . Workflow Audit logD . Falcon UI Audit TrailView AnswerAnswer: B
Which of the following Machine Learning (ML) sliders will only detect or prevent high confidence malicious items?
Which of the following Machine Learning (ML) sliders will only detect or prevent high confidence malicious items?A . AggressiveB . CautiousC . MinimalD . ModerateView AnswerAnswer: B
What is the purpose of precedence with respect to the Sensor Update policy?
What is the purpose of precedence with respect to the Sensor Update policy?A . Precedence applies to the Prevention policy and not to the Sensor Update policyB . Hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number)C . Hosts assigned...
What setting can you use to reduce false positives on this file path?
One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false...
Where in the Falcon console can information about supported operating system versions be found?
Where in the Falcon console can information about supported operating system versions be found?A . Configuration moduleB . Intelligence moduleC . Support moduleD . Discover moduleView AnswerAnswer: C
Which role allows a user to connect to hosts using Real-Time Response?
Which role allows a user to connect to hosts using Real-Time Response?A . Endpoint ManagerB . Falcon AdministratorC . Real Time Responder C Active ResponderD . Prevention Hashes ManagerView AnswerAnswer: C
Which role will allow someone to manage quarantine files?
Which role will allow someone to manage quarantine files?A . Falcon Security LeadB . Detections Exceptions ManagerC . Falcon Analyst C Read OnlyD . Endpoint ManagerView AnswerAnswer: A
Which option allows you to exclude behavioral detections from the detections page?
Which option allows you to exclude behavioral detections from the detections page?A . Machine Learning ExclusionB . IOA ExclusionC . IOC ExclusionD . Sensor Visibility ExclusionView AnswerAnswer: B
How do you assign a Prevention policy to one or more hosts?
How do you assign a Prevention policy to one or more hosts?A . Create a new policy and assign it directly to those hosts on the Host Management pageB . Modify the users roles on the User Management pageC . Ensure the hosts are in a group and assign that...
Where can you modify settings to permit certain traffic during a containment period?
Where can you modify settings to permit certain traffic during a containment period?A . Prevention PolicyB . Host SettingsC . Containment PolicyD . Firewall SettingsView AnswerAnswer: C
