Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free CCFR-201b CrowdStrike Updates

Page: 15 / 15
Total 199 questions

CrowdStrike Certified Falcon Responder Questions and Answers

Question 57

The Falcon sensor can take several automated actions to protect an endpoint. Which of the following is NOT an action that Falcon takes upon detection?

Options:

A.

Process Termination

B.

File Quarantine

C.

Process Restart

D.

Network Isolation

Question 58

If an organization is experiencing several false positives from a specific Machine Learning (ML) detection group and wants to create a tightly-scoped allowlist, which grouping should they use first?

Options:

A.

Group by Filename

B.

Group by Hash

C.

Group by Command Line

D.

Group by User

Question 59

How does a DNSRequest event link to its responsible process?

Options:

A.

Via both its ContextProcessld__decimal and ParentProcessld_decimal fields

B.

Via its ParentProcessld_decimal field

C.

Via its ContextProcessld_decimal field

D.

Via its TargetProcessld_decimal field

Page: 15 / 15
Total 199 questions