Free CCFA-200 Exam Braindumps (page: 13)


On which page of the Falcon console would you create sensor groups?

  A. User management
  B. Sensor update policies
  C. Host management
  D. Host groups

Answer(s): D

Explanation:

The only place where you can create host groups is "Host and setup management > Host Groups > Create a group". In Sensor Update policies you can only assign a group of hosts to the policy, not create a group of hosts.



While a host is Network contained, you need to allow the host to access internal network resources on specific IP addresses to perform patching and remediation.
Which configuration would you choose?

  A. Configure a Real Time Response policy allowlist with the specific IP addresses
  B. Configure a Containment Policy with the specific IP addresses
  C. Configure a Containment Policy with the entire internal IP CIDR block
  D. Configure the Host firewall to allowlist the specific IP addresses

Answer(s): B

Explanation:

While a host is Network contained, the administrator can allow the host to access internal network resources on specific IP addresses to perform patching and remediation by configuring a Containment Policy with the specific IP addresses. This policy allows users to specify which ports, protocols and IP addresses are allowed or blocked during network containment. The other options are either incorrect or not related to network containment.


Reference:

[CrowdStrike Falcon User Guide], page 40.



Which of the following is TRUE regarding Falcon Next-Gen AntiVirus (NGAV)?

  A. Falcon NGAV relies on signature-based detections
  B. Activating Falcon NGAV will also enable all detection and prevention settings in the entire policy
  C. The Detection sliders cannot be set to a value less aggressive than the Prevention sliders
  D. Falcon NGAV is not a replacement for Windows Defender or other antivirus programs

Answer(s): C

Explanation:

The Detection sliders cannot be set to a value less aggressive than the Prevention sliders in Falcon Next-Gen AntiVirus (NGAV). This is because prevention is a subset of detection, and it would not make sense to prevent threats that are not detected. The other options are either incorrect or not true of Falcon NGAV.


Reference:

[CrowdStrike Falcon User Guide], page 35.



What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?

  A. To group hosts with others in the same business unit
  B. To group hosts according to the order in which Falcon was installed, so that updates are installed in the same order every time
  C. To prioritize the order in which Falcon updates are installed, so that updates are not installed all at once leading to network congestion
  D. To allow the controlled assignment of sensor versions onto specific hosts

Answer(s): D

Explanation:

The purpose of using groups with Sensor Update policies in CrowdStrike Falcon is to allow the controlled assignment of sensor versions onto specific hosts. This allows users to manage the sensor updates for different hosts based on their needs and preferences, such as testing, staging or production. The other options are either incorrect or not related to using groups with Sensor Update policies.


Reference:

[CrowdStrike Falcon User Guide], page 38.





