Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CrowdStrike
  3. CCFA-200

CrowdStrike CCFA-200 Exam (page: 4)
CrowdStrike Certified Falcon Administrator
Updated on: 31-Mar-2026

Viewing Page 4 of 32
CCFA-200 PDF 153 Questions

What is the goal of a Network Containment Policy?

  1. Increase the aggressiveness of the assigned prevention policy
  2. Limit the impact of a compromised host on the network
  3. Gain more visibility into network activities
  4. Partition a network for privacy

Answer(s): B

Explanation:

The goal of a Network Containment Policy is to limit the impact of a compromised host on the network. This policy allows users to isolate a host from the network, while still allowing it to communicate with the Falcon Cloud and other essential services. This can help prevent further damage or data exfiltration from a compromised host. The other options are either incorrect or not related to the policy.


Reference:

[CrowdStrike Falcon User Guide], page 40.



Which of the following applies to Custom Blocking Prevention Policy settings?

  1. Hashes must be entered on the Prevention Hashes page before they can be blocked via this policy
  2. Blocklisting applies to hashes, IP addresses, and domains
  3. Executions blocked via hash blocklist may have partially executed prior to hash calculation process remediation may be necessary
  4. You can only blocklist hashes via the API

Answer(s): A

Explanation:

Falcon allows you to upload hashes from your own black or white lists. To enabled this navigate to the Configuration App, Prevention hashes window, and click on "Upload Hashes" in the upper right- hand corner. Note that you can also automate the task of importing hashes with the CrowdStrike Falcon® API.
https://www.crowdstrike.com/blog/tech-center/how-to-prevent-malware-with-custom-blacklisting/



How many "Auto" sensor version update options are available for Windows Sensor Update Policies?

  1. 1
  2. 2
  3. 0
  4. 3

Answer(s): D

Explanation:

There are three "Auto" sensor version update options available for Windows Sensor Update Policies:
Auto - N-1, Auto - TEST-QA and Auto - Latest. These options allow the administrator to automatically update the sensor version to the previous stable version, the latest test version or the latest stable version, respectively.


Reference:

[CrowdStrike Falcon User Guide], page 38.



The alignment of a particular prevention policy to one or more host groups can be completed in which of the following locations within Falcon?

  1. Policy alignment is configured in the "Host Management" section in the Hosts application
  2. Policy alignment is configured only once during the initial creation of the policy in the "Create New Policy" pop-up window
  3. Policy alignment is configured in the General Settings section under the Configuration menu
  4. Policy alignment is configured in each policy in the "Assigned Host Groups" tab

Answer(s): D

Explanation:

The alignment of a particular prevention policy to one or more host groups can be completed in each policy in the "Assigned Host Groups" tab. This tab allows the administrator to select which host groups will use the policy, as well as view the number of hosts and sensors assigned to each group. The other options are either incorrect or not available.


Reference:

[CrowdStrike Falcon User Guide], page 34.



How long are detection events kept in Falcon?

  1. Detection events are kept for 90 days
  2. Detections events are kept for your subscribed data retention period
  3. Detection events are kept for 7 days
  4. Detection events are kept for 30 days

Answer(s): A

Explanation:

" Data is only available in the Falcon UI for investigations, etc. through the company's data retention time frame; detection information is kept for 90 days regardless; UI audits are available for 1 year



Viewing Page 4 of 32



Share your comments for CrowdStrike CCFA-200 exam with other users:

Deepak 12/27/2023 2:37:00 AM

good questions
SINGAPORE


dba 9/23/2023 3:10:00 AM

can we please have the latest exam questions?
Anonymous


Prasad 9/29/2023 7:27:00 AM

please help with jn0-649 latest dumps
HONG KONG


GTI9982 7/31/2023 10:15:00 PM

please i need this dump. thanks
CANADA


Elton Riva 12/12/2023 8:20:00 PM

i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.
Anonymous


Berihun Desalegn Wonde 7/13/2023 11:00:00 AM

all questions are more important
Anonymous


gr 7/2/2023 7:03:00 AM

ques 4 answer should be c ie automatically recover from failure
Anonymous


RS 7/27/2023 7:17:00 AM

very very useful page
INDIA


Blessious Phiri 8/12/2023 11:47:00 AM

the exams are giving me an eye opener
Anonymous


AD 10/22/2023 9:08:00 AM

3rd so far, need to cover more
Anonymous


Matt 11/18/2023 2:32:00 AM

aligns with the pecd notes
Anonymous


Sri 10/15/2023 4:38:00 PM

question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework
GERMANY


H.T.M. D 6/25/2023 2:55:00 PM

kindly please share dumps
Anonymous


Satish 11/6/2023 4:27:00 AM

it is very useful, thank you
Anonymous


Chinna 7/30/2023 8:37:00 AM

need safe rte dumps
FRANCE


1234 6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps
Anonymous


Did 1/12/2024 3:01:00 AM

q6 = 1. download odt application 2. create a configuration file (xml) 3. setup.exe /download to download the installation files 4. setup.exe /configure to deploy the application
FRANCE


John 10/12/2023 12:30:00 PM

great material
Anonymous


Dinesh 8/1/2023 2:26:00 PM

could you please upload sap c_arsor_2302 questions? it will be very much helpful.
Anonymous


LBert 6/19/2023 10:23:00 AM

vraag 20c: rsa veilig voor symmtrische cryptografie? antwoord c is toch fout. rsa is voor asymmetrische cryptogafie??
NETHERLANDS


g 12/22/2023 1:51:00 PM

so far good
UNITED STATES


Milos 8/4/2023 9:33:00 AM

question 31 has obviously wrong answers. tls and ssl are used to encrypt data at transit, not at rest.
Serbia And Montenegro


Diksha 9/25/2023 2:32:00 AM

pls provide dump for 1z0-1080-23 planning exams
Anonymous


H 7/17/2023 4:28:00 AM

could you please upload the exam?
Anonymous


Anonymous 9/14/2023 4:47:00 AM

please upload this
UNITED STATES


Naveena 1/13/2024 9:55:00 AM

good material
Anonymous


WildWilly 1/19/2024 10:43:00 AM

lets see if this is good stuff...
Anonymous


Lavanya 11/2/2023 1:53:00 AM

useful information
UNITED STATES


Moussa 12/12/2023 5:52:00 AM

intéressant
BURKINA FASO


Madan 6/22/2023 9:22:00 AM

thank you for making the interactive questions
Anonymous


Vavz 11/2/2023 6:51:00 AM

questions are accurate
Anonymous


Su 11/23/2023 4:34:00 AM

i need questions/dumps for this exam.
Anonymous


LuvSN 7/16/2023 11:19:00 AM

i need this exam, when will it be uploaded
ROMANIA


Mihai 7/19/2023 12:03:00 PM

i need the dumps !
Anonymous