CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CrowdStrike
  5. CCFA-200

Free CCFA-200 Exam Braindumps (page: 18)

Page 18 of 39
PDF with 153 Questions

In order to exercise manual control over the sensor upgrade process, as well as prevent unauthorized users from uninstalling or upgrading the sensor, which settings in the Sensor Update Policy would meet this criteria?

  1. Sensor version set to N-1 and Bulk maintenance mode is turned on
  2. Sensor version fixed and Uninstall and maintenance protection turned on
  3. Sensor version updates off and Uninstall and maintenance protection turned off
  4. Sensor version set to N-2 and Bulk maintenance mode is turned on

Answer(s): B

Explanation:

In order to exercise manual control over the sensor upgrade process, as well as prevent unauthorized users from uninstalling or upgrading the sensor, the administrator should set the Sensor version to fixed and turn on the Uninstall and maintenance protection setting in the Sensor Update Policy. This will allow the administrator to specify which sensor version will be used by the hosts using this policy, and also require a maintenance token to uninstall or upgrade the sensor. The other options are either incorrect or not sufficient to meet this criteria.


Reference:

CrowdStrike Falcon User Guide, page 38.



Once an exclusion is saved, what can be edited in the future?

  1. All parts of the exclusion can be changed
  2. Only the selected groups and hosts to which the exclusion is applied can be changed
  3. Only the options to "Detect/Block" and/or "File Extraction" can be changed
  4. The exclusion pattern cannot be changed

Answer(s): A

Explanation:

Once an exclusion is saved, all parts of the exclusion can be changed in the future. The administrator can edit an existing exclusion by selecting it from the Exclusions page and modifying any of its fields, such as pattern, type, option, group or host. The other options are either incorrect or not true of editing exclusions.


Reference:

CrowdStrike Falcon User Guide, page 37.



Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?

  1. Next-Gen Antivirus (NGAV) protection
  2. Adware and Potentially Unwanted Program detection and prevention
  3. Real-time offline protection
  4. Identification and analysis of unknown executables

Answer(s): D

Explanation:

According to documentation (documentation/detections/technique/sensor-based-ml-cst0007):
CrowdStrike sensor-based machine learning (ML) identifies and analyzes unknown executables as they run on hosts. This technique is triggered by files and file attributes associated with known malware. This is similar to the [Cloud-based
ML](/support/documentation/detections/technique/cloud-based-ml) technique. Cloud-based ML is informed by global analysis of executables that classifies and identifies malware. The key difference is that it doesn't run on hosts when they're offline.



How do you find a list of inactive sensors?

  1. The Falcon platform does not provide reporting for inactive sensors
  2. A sensor is always considered active until removed by an Administrator
  3. Run the Inactive Sensor Report in the Host setup and management option
  4. Run the Sensor Aging Report within the Investigate option

Answer(s): C

Explanation:

The Inactive Sensor Report in the Host setup and management option allows you to view a list of hosts that have not communicated with the Falcon platform for a specified period of time. You can filter the report by sensor version, OS, and last seen date. This report can help you identify hosts that may have connectivity issues or need sensor updates.


Reference:

Falcon Administrator Learning Path | Infographic | CrowdStrike



Page 18 of 39



Post your Comments and Discuss CrowdStrike CCFA-200 exam with other Community members:

sANJAY commented on December 08, 2024
hARD QUESTIOS
Anonymous
upvote

Uday commented on December 08, 2024
Want to appear for snowpro core
Anonymous
upvote

M commented on December 07, 2024
96 : Answer is D
Anonymous
upvote

marco commented on December 07, 2024
i cant imagine
Anonymous
upvote

Felicia Simley commented on December 07, 2024
i cant download the premium version.. what to do please?
Anonymous
upvote

Felicia Simley commented on December 07, 2024
great questions on this one
Anonymous
upvote

The Magic Beans commented on December 07, 2024
Passed the exam - these questions are similar to the ones in the exam (some of these questions are very similar to the ones in the exam but there were questions in the exam way complicated than this). One of the labs (question 77) in these questions came up in my exam. The questions in the exam are tricky make sure you understand each concept in the exam objectives.
UNITED STATES
upvote

Asma commented on December 07, 2024
It would be better to have an explanation while revealing the solution
Anonymous
upvote

sly commented on December 07, 2024
@ The Magic Beans what was your exam outcome>
Anonymous
upvote

Zjanri commented on December 07, 2024
This is a good training platform.
Anonymous
upvote

Felicia Simley commented on December 07, 2024
great questions
Anonymous
upvote

Rohan commented on December 07, 2024
Really appreciate thanks, I cleared my exam today
Anonymous
upvote

Manraj commented on December 07, 2024
helpful and similar to exam
Anonymous
upvote

The Magic Beans commented on December 06, 2024
Taking my exam tomorrow Dec 7 / 2024 I will let you know if this questions are similar
UNITED STATES
upvote

Runner009 commented on December 06, 2024
The best money I have ever spent! It literally has all the real exam questions.
UNITED STATES
upvote

Dahamram commented on December 06, 2024
This new version of the exam is pretty tricky. You can tell by going over these questions. I really had no chance of passing if I had not used this exam dump. Questions are pretty valid as of this week.
Anonymous
upvote

Ravendra commented on December 06, 2024
Purchased the full version of this exam dump in PDF with the 50% sale on Black Friday. Got 2 exam for the price of one. Today I sat for this exam and as soon as I saw the first questions I was about to jump out of my seat. The questions are word by word the same. Got 98% in my result. Very happy.
UNITED STATES
upvote

Anand commented on December 06, 2024
Nice questions
UNITED STATES
upvote

Ajit Kumar Vishwakarma commented on December 06, 2024
I want to attend PSE certification; please guide me
Anonymous
upvote

Sangeeta commented on December 06, 2024
Want to attempt pd1 exam
UNITED STATES
upvote

yemane commented on December 06, 2024
Good for exam preparation
Anonymous
upvote

Ramya commented on December 05, 2024
Preparing for snowflake certificate
Anonymous
upvote

Casandra commented on December 05, 2024
Do not book your exam if you don't know the topics and the questions. The test is super duper hard and almost impossible to pass without knowing the questions.
EUROPEAN UNION
upvote

Andi commented on December 05, 2024
Superb no queson
POLAND
upvote

diego commented on December 05, 2024
se ve muy bien
Anonymous
upvote

Carlson Kelvin commented on December 05, 2024
Hope to my exam soon
Anonymous
upvote

ANNONYMOUS commented on December 05, 2024
The questions are quite helpful
Anonymous
upvote

Zary commented on December 05, 2024
Good information
KOREA REPUBLIC OF
upvote

Zari commented on December 05, 2024
Very useful
KOREA REPUBLIC OF
upvote

Mohamed commented on December 05, 2024
It is not free
Anonymous
upvote

Michelle commented on December 04, 2024
Great study material
Anonymous
upvote

Michelle commented on December 04, 2024
Excited about learning more through my studies
Anonymous
upvote

Michelle commented on December 04, 2024
This information has really helped me .
Anonymous
upvote

Michelle commented on December 04, 2024
Great material to get you prepared for the test
Anonymous
upvote