최신CrowdStrike Certified Falcon Administrator - 2024 Version - CCFA-200b무료샘플문제

A. Behavior-Based Threat Prevention sliders and Advanced Remediation Actions

B. Next-Gen Antivirus Prevention sliders and "Quarantine & Security Center Registration"

C. Malware Protection and Custom Execution Blocking

D. Malware Protection and Windows Anti-Malware Execution Blocking

A. Create an IOC for the host to trigger associated detections and assign them to you via workflow

B. Create an alert on usage of the tools and assign the alerts to you automatically via workflow

C. Create an Event trigger workflow that triggers on an EPP Detection with an action to assign the detection to yourself

D. Create an Event trigger workflow that triggers on an EPP Detection with conditions looking for the desired hostname

A. Sensor Update polices are not Operating System specific; one policy can be applied to all Operating Systems

B. Windows has its own Sensor Update polices; Mac and Linux share Sensor Update policies

C. A Sensor Update policy must be configured for each Operating System (Windows, Mac, Linux)

D. Windows and Mac share Sensor Update policies; Linux requires its own set of polices based on the different kernel versions

A. Notifications

B. General settings

C. Containment policy

D. Response policies

A. Create a static group with the assignment rule criteria for OS Version set to Windows 10

B. Create a dynamic group with the assignment rule criteria set to OS Type Workstation

C. Create a static group with the assignment rule criteria set to OS Type Workstation

D. Create a dynamic group with the assignment rule criteria for OS Version set to Windows 10

A. Cautious Level ML

B. Extra Aggressive Level ML

C. Moderate Level ML

D. Aggressive Level ML

A. RFM sensors on Linux hosts only send detection information to the Falcon Console. Event processing is disabled

B. RFM sensors on Linux hosts stop processing events and detections but continue to send log data into Falcon

C. RFM sensors on Linux hosts stop processing both events and detections. Sensors send basic status information to the Falcon Console

D. RFM sensors on Linux hosts continue to process events and detections for existing policies but cannot get policy updates from the Falcon Console