Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fullfil this requirement?
Answer(s): C
One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false positives on this file path?
How do you disable all detections for a host?
Answer(s): D
To enhance your security, you want to detect and block based on a list of domains and IP addresses. How can you use IOC management to help this objective?
Post your Comments and Discuss CrowdStrike CCFA exam with other Community members:
ShwetaRahul Commented on December 26, 2023 can we expect these questions in exam? Anonymous
Manu Commented on June 02, 2023 Good source SINGAPORE
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the CCFA content, but please register or login to continue.