CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CrowdStrike
  5. CCFA

Free CCFA Exam Braindumps (page: 11)

Page 10 of 25
PDF with 248 Questions

You notice there are multiple Windows hosts in Reduced functionality mode (RFM). What is the most likely culprit causing these hosts to be in RFM?

  1. A Sensor Update Policy was misconfigured
  2. A host was offline for more than 24 hours
  3. A patch was pushed overnight to all Windows systems
  4. A host was placed in network containment from a detection

Answer(s): C



Which of the following is TRUE of the Logon Activities Report?

  1. Shows a graphical view of user logon activity and the hosts the user connected to
  2. The report can be filtered by computer name
  3. It gives a detailed list of all logon activity for users
  4. It only gives a summary of the last logon activity for users

Answer(s): C



Which of the following roles allows a Falcon user to create Real Time Response Custom Scripts?

  1. Real Time Responder – Administrator
  2. Real Time Responder – Read Only Analyst
  3. Real Time Responder – Script Developer
  4. Real Time Responder – Active Responder

Answer(s): C



What model is used to create workflows that would allow you to create custom notifications based on particular events which occur in the Falcon platform?

  1. For - While statement(s)
  2. Trigger, condition(s) and action(s)
  3. Event trigger(s)
  4. Predefined workflow template(s)

Answer(s): B






Post your Comments and Discuss CrowdStrike CCFA exam with other Community members:

CCFA Exam Discussions & Posts