CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CrowdStrike
  5. CCFA

Free CCFA Exam Braindumps (page: 8)

Page 7 of 25
PDF with 248 Questions

Which role allows a user to connect to hosts using Real-Time Response?

  1. Endpoint Manager
  2. Falcon Administrator
  3. Real Time Responder – Active Responder
  4. Prevention Hashes Manager

Answer(s): C



You are attempting to install the Falcon sensor on a host with a slow Internet connection and the installation fails after 20 minutes. Which of the following parameters can be used to override the 20 minute default provisioning window?

  1. ExtendedWindow=1
  2. Timeout=0
  3. ProvNoWait=1
  4. Timeout=30

Answer(s): D



How can you find a list of hosts that have not communicated with the CrowdStrike Cloud in the last 30 days?

  1. Under Dashboards and reports, choose the Sensor Report. Set the "Last Seen" dropdown to 30 days and reference the Inactive Sensors widget
  2. Under Host setup and management, choose the Host Management page. Set the group filter to "Inactive Sensors"
  3. Under Host setup and management > Managed endpoints > Inactive Sensors. Change the time range to 30 days
  4. Under Host setup and management, choose the Disabled Sensors Report. Change the time range to 30 days

Answer(s): C



In order to quarantine files on the host, what prevention policy settings must be enabled?

  1. Malware Protection and Custom Execution Blocking must be enabled
  2. Next-Gen Antivirus Prevention sliders and "Quarantine & Security Center Registration" must be enabled
  3. Malware Protection and Windows Anti-Malware Execution Blocking must be enabled
  4. Behavior-Based Threat Prevention sliders and Advanced Remediation Actions must be enabled

Answer(s): C






Post your Comments and Discuss CrowdStrike CCFA exam with other Community members:

CCFA Exam Discussions & Posts