- All Exams Instant Download
What is the next step to disable RTR only on these hosts?
Your organization has a set of servers that are not allowed to be accessed remotely, including via Real Time Response (RTR). You already have these servers in their own Falcon host group. What is the next step to disable RTR only on these hosts?A . Edit the Default Response Policy,...
Why is the ability to disable detections helpful?
Why is the ability to disable detections helpful?A . It gives users the ability to set up hosts to test detections and later remove them from the consoleB . It gives users the ability to uninstall the sensor from a hostC . It gives users the ability to allowlist a...
Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?
Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?A . Program FilesMy ProgramMy Files*B . Program FilesMy Program*C . **D . *Program FilesMy Program*View AnswerAnswer: A
When a host is placed in Network Containment, which of the following is TRUE?
When a host is placed in Network Containment, which of the following is TRUE?A . The host machine is unable to send or receive network traffic outside of the local networkB . The host machine is unable to send or receive network traffic except to/from the Falcon Cloud and traffic...
How can a Falcon Administrator configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity?
How can a Falcon Administrator configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity?A . By ensuring each user has set the "pop-ups allowed" in their User Profile configuration pageB . By enabling "Upload quarantined files" in the General...
What is the maximum number of patterns that can be added when creating a new exclusion?
What is the maximum number of patterns that can be added when creating a new exclusion?A . 10B . 0C . 1D . 5View AnswerAnswer: C
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?A . To group hosts with others in the same business unitB . To group hosts according to the order in which Falcon was installed, so that updates are installed in the same order every timeC ....
What is the best way to prevent these in the future?
You have determined that you have numerous Machine Learning detections in your environment that are false positives. They are caused by a single binary that was custom written by a vendor for you and that binary is running on many endpoints. What is the best way to prevent these in...
Once an exclusion is saved, what can be edited in the future?
Once an exclusion is saved, what can be edited in the future?A . All parts of the exclusion can be changedB . Only the selected groups and hosts to which the exclusion is applied can be changedC . Only the options to "Detect/Block" and/or "File Extraction" can be changedD ....
When creating a Host Group for all Workstations in an environment, what is the best method to ensure all workstation hosts are added to the group?
When creating a Host Group for all Workstations in an environment, what is the best method to ensure all workstation hosts are added to the group?A . Create a Dynamic Group with Type=Workstation AssignmentB . Create a Dynamic Group and Import All WorkstationsC . Create a Static Group and Import...
