Free CCFA-200 Exam Braindumps (page: 17)

Page 16 of 39

How can a Falcon Administrator configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity?

  1. By ensuring each user has set the "pop-ups allowed" in their User Profile configuration page
  2. By enabling "Upload quarantined files" in the General Settings configuration page
  3. By turning on the "Notify End Users" setting at the top of the Prevention policy details configuration page
  4. By selecting "Enable pop-up messages" from the User configuration page

Answer(s): C

Explanation:

A Falcon Administrator can configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity by turning on the "Notify End Users" setting at the top of the Prevention policy details configuration page. This setting allows users to enable or disable end user notifications for prevention actions taken by Falcon on Windows hosts. The other options are either incorrect or not related to configuring pop-up messages.


Reference:

CrowdStrike Falcon User Guide, page 36.



Where in the Falcon console can information about supported operating system versions be found?

  1. Configuration module
  2. Intelligence module
  3. Support module
  4. Discover module

Answer(s): C

Explanation:

Information about supported operating system versions can be found in the Support module in the Falcon console. This module provides access to various support resources, such as documentation, downloads, FAQs, release notes and system status. One of the documents available in this module is the CrowdStrike Sensor Compatibility List, which lists the supported operating system versions for each sensor type and platform. The other options are either incorrect or not related to finding information about supported operating system versions.


Reference:

CrowdStrike Falcon User Guide,

page 26.



What is the name for the unique host identifier in Falcon assigned to each sensor during sensor installation?

  1. Endpoint ID (EID)
  2. Agent ID (AID)
  3. Security ID (SID)
  4. Computer ID (CID)

Answer(s): B

Explanation:

The name for the unique host identifier in Falcon assigned to each sensor during sensor installation is Agent ID (AID). The AID is a 32-character hexadecimal string that uniquely identifies each sensor and host in the Falcon platform. The other options are either incorrect or not related to the sensor identifier.


Reference:

CrowdStrike Falcon User Guide, page 28.



Which of the following is a valid step when troubleshooting sensor installation failure?

  1. Confirm all required services are running on the system
  2. Enable the Windows firewall
  3. Disable SSL and TLS on the host
  4. Delete any available application crash log files

Answer(s): A

Explanation:

A valid step when troubleshooting sensor installation failure is to confirm all required services are running on the system. This can help identify if there are any issues with the sensor service, the Windows Management Instrumentation service, or the Windows Remote Management service,

which are required for the sensor to function properly. The other options are either incorrect or not helpful for troubleshooting sensor installation failure.


Reference:

CrowdStrike Falcon User Guide, page 29.






Post your Comments and Discuss CrowdStrike CCFA-200 exam with other Community members:

CCFA-200 Discussions & Posts