Free CCFH-202 Exam Braindumps (page: 6)


You want to produce a list of all event occurrences along with selected fields such as the full path, time, username etc. Which command would be the appropriate choice?

  A. fields
  B. distinctcount
  C. table
  D. values

Answer(s): C



When exporting the results of the following event search, what data is saved in the exported file (assuming Verbose Mode)?

  event_simpleName=*Written | stats count by ComputerName

  A. The text of the query
  B. The results of the Statistics tab
  C. No data. Results can only be exported when the “table” command is used
  D. All events in the Events tab

Answer(s): B



The help desk is reporting an increase in calls related to user accounts being locked out over the last few days. You suspect that this could be an attack by an adversary against your organization. Select the best hunting hypothesis from the following:

  A. A zero-day vulnerability is being exploited on a Microsoft Exchange server
  B. A publicly available web application has been hacked and is causing the lockouts
  C. Users are locking their accounts out because they recently changed their passwords
  D. A password guessing attack is being executed against remote access mechanisms such as VPN

Answer(s): D



To find events that are outliers inside a network, ___________ is the best hunting method to use.

  A. time-based
  B. machine learning
  C. searching
  D. stacking

Answer(s): D