CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CrowdStrike
  5. CCFA-200

Free CCFA-200 Exam Braindumps (page: 12)

Page 11 of 39
PDF with 153 Questions

An analyst is asked to retrieve an API client secret from a previously generated key. How can they achieve this?

  1. The API client secret can be viewed from the Edit API client pop-up box
  2. Enable the Client Secret column to reveal the API client secret
  3. Re-create the API client using the exact name to see the API client secret
  4. The API client secret cannot be retrieved after it has been created

Answer(s): D

Explanation:

The API client secret cannot be retrieved after it has been created. The secret is only displayed once when the API client is created, and it cannot be viewed or edited later. Therefore, it is important to save the secret securely and use it along with the client ID to authenticate the API client. The other options are either incorrect or not possible.


Reference:

CrowdStrike Falcon User Guide, page 54.



Which port and protocol does the sensor use to communicate with the CrowdStrike Cloud?

  1. TCP port 22 (SSH)
  2. TCP port 443 (HTTPS)
  3. TCP port 80 (HTTP)
  4. TCP UDP port 53 (DNS)

Answer(s): B

Explanation:

The sensor uses TCP port 443 (HTTPS) to communicate with the CrowdStrike Cloud. This port and protocol are used to securely send and receive data between the sensor and the cloud, such as detections, policies, updates, commands, etc. The other options are either incorrect or not used by the sensor.


Reference:

CrowdStrike Falcon User Guide, page 28.



Where do you obtain the Windows sensor installer for CrowdStrike Falcon?

  1. Sensors are downloaded from the Hosts > Sensor Downloads
  2. Sensor installers are unique to each customer and must be obtained from support
  3. Sensor installers are downloaded from the Support section of the CrowdStrike website
  4. Sensor installers are not used because sensors are deployed from within Falcon

Answer(s): A

Explanation:

The Windows sensor installer for CrowdStrike Falcon can be downloaded from the Hosts > Sensor Downloads page in the Falcon console. This page allows you to download different sensor versions and installers for various operating systems and platforms, as well as view installation instructions and release notes. The other options are either incorrect or not available.


Reference:

CrowdStrike Falcon User Guide, page 27.



What is the most common cause of a Windows Sensor entering Reduced Functionality Mode (RFM)?

  1. Falcon console updates are pending
  2. Falcon sensors installing an update
  3. Notifications have been disabled on that host sensor
  4. Microsoft updates

Answer(s): D

Explanation:

The most common cause of a Windows Sensor entering Reduced Functionality Mode (RFM) is Microsoft updates. RFM occurs when the sensor detects a change in the operating system that requires a reboot to complete. Microsoft updates are one of the common causes of such a change. The other options are either incorrect or not related to RFM.


Reference:

CrowdStrike Falcon User Guide, page 30.






Post your Comments and Discuss CrowdStrike CCFA-200 exam with other Community members:

CCFA-200 Discussions & Posts