What is the goal of a Network Containment Policy?
Answer(s): B
The goal of a Network Containment Policy is to limit the impact of a compromised host on the network. This policy allows users to isolate a host from the network, while still allowing it to communicate with the Falcon Cloud and other essential services. This can help prevent further damage or data exfiltration from a compromised host. The other options are either incorrect or not related to the policy.
[CrowdStrike Falcon User Guide], page 40.
Which of the following applies to Custom Blocking Prevention Policy settings?
Answer(s): A
Falcon allows you to upload hashes from your own black or white lists. To enable this, navigate to the Configuration App, Prevention hashes window, and click on "Upload Hashes" in the upper right-hand corner. Note that you can also automate the task of importing hashes with the CrowdStrike Falcon® API. https://www.crowdstrike.com/blog/tech-center/how-to-prevent-malware-with-custom-blacklisting/
How many "Auto" sensor version update options are available for Windows Sensor Update Policies?
Answer(s): D
There are three "Auto" sensor version update options available for Windows Sensor Update Policies: Auto - N-1, Auto - TEST-QA and Auto - Latest. These options allow the administrator to automatically update the sensor version to the previous stable version, the latest test version or the latest stable version, respectively.
[CrowdStrike Falcon User Guide], page 38.
The alignment of a particular prevention policy to one or more host groups can be completed in which of the following locations within Falcon?
The alignment of a particular prevention policy to one or more host groups can be completed in each policy in the "Assigned Host Groups" tab. This tab allows the administrator to select which host groups will use the policy, as well as view the number of hosts and sensors assigned to each group. The other options are either incorrect or not available.
[CrowdStrike Falcon User Guide], page 34.
How long are detection events kept in Falcon?
Data is only available in the Falcon UI for investigations, etc. through the company's data retention time frame; detection information is kept for 90 days regardless; UI audits are available for 1 year.