Free CCFA-200 Exam Braindumps (page: 6)

Page 6 of 39

What information is provided in Logon Activities under Visibility Reports?

  A. A list of all logons for all users
  B. A list of last endpoints that a user logged in to
  C. A list of users who are remotely logged on to devices based on local IP and local port
  D. A list of unique users who are remotely logged on to devices based on the country

Answer(s): B

Explanation:

The Logon Activities report under Visibility Reports provides a list of last endpoints that a user logged in to. This report shows the user name, domain name, logon type, logon time and endpoint name for each logon event. The other options are either incorrect or not related to the report.


Reference:

[CrowdStrike Falcon User Guide], page 50.



What can the Quarantine Manager role do?

  A. Manage and change prevention settings
  B. Manage quarantined files to release and download
  C. Manage detection settings
  D. Manage roles and users

Answer(s): B

Explanation:

The Quarantine Manager role can manage quarantined files to release and download. This role allows users to view and search quarantined files, as well as release them from quarantine or download them for further analysis. The other roles do not have this capability.


Reference:

[CrowdStrike Falcon User Guide], page 19.



What command should be run to verify if a Windows sensor is running?

  A. regedit myfile.reg
  B. sc query csagent
  C. netstat -f
  D. ps -ef | grep falcon

Answer(s): B

Explanation:

The command that should be run to verify if a Windows sensor is running is sc query csagent. This command will display the status and information of the csagent service, which is the Falcon sensor service. The other commands are either incorrect or not applicable to Windows sensors.


Reference:

[CrowdStrike Falcon User Guide], page 29.



When configuring a specific prevention policy, the admin can align the policy to two different types of groups, Host Groups and which other?

  A. Custom IOA Rule Groups
  B. Custom IOC Groups
  C. Enterprise Groups
  D. Operating System Groups

Answer(s): A

Explanation:

Prevention Policies are created based on the OS (Windows, Mac and Linux policies). Once a prevention policy is created, three options appear on top: Settings, Assigned Host Groups and Assigned Custom IOAs (tested on CrowdStrike). Therefore, Host Groups and Custom IOAs are the two different types of groups a prevention policy can be aligned to.






Post your Comments and Discuss CrowdStrike CCFA-200 exam with other Community members:

Dan commented on September 13, 2024
Going through
Anonymous

ShitBox Mafia commented on September 13, 2024
Very elegant and nicely formatted content and no annoying reCaptcha validation.
UNITED STATES

Abdul commented on September 13, 2024
Great content and very valid. I made the purchase of the full version. They have removed the 50% discount. So ask them for it or use this code: 50%OFF
UNITED STATES

Marcellus commented on September 13, 2024
Good site, I want to pay. Send me the link.
UNITED STATES

Murtaza Ghafoor commented on September 13, 2024
How much is the cost to purchase the dumps?
PAKISTAN

Terry commented on September 13, 2024
I got a discount code for the full version. The code is: 50%OFF It only works when you buy 2 exams or more. Basically, it is like a buy one get one free.
EUROPEAN UNION

anonymous commented on September 13, 2024
Awesome questions, full coverage
Anonymous

Manohar commented on September 13, 2024
These questions are all up to date. I saw them in my exam.
EUROPEAN UNION