Which of the following is NOT an option for any Event Action?
After running an Event Search, you can select many Event Actions depending on your results.
Which of the following is NOT an option for any Event Action?
A . Draw Process Explorer
B . Show a +/- 10-minute window of events
C . Show a Process Timeline for the responsible process
D . Show Associated Event Data (from TargetProcessld_decimal or ContextProcessld_decimal)
Answer: A
Explanation:
According to the CrowdStrike Falcon Devices Add-on for Splunk Installation and Configuration Guide v3.1.5+, the Event Search tool allows you to search for events based on various criteria, such as event type, timestamp, hostname, IP address, etc1. You can also select one or more events and perform various actions, such as show a process timeline, show a host timeline, show associated event data, show a +/- 10-minute window of events, etc1. However, there is no option to draw a process explorer, which is a graphical representation of the process hierarchy and activity1.
Latest CCFR-201 Dumps Valid Version with 60 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund