Latest CrowdStrike Certified Falcon Administrator - 2024 Version - CCFA-200b Free Sample Questions
What least privilege role should be given to a user who needs to extract files with RTR?
You have created a new static host group to test a newly created sensor update policy, and need to add 500 servers into the group. You want to upload a list of hosts to Falcon for automatic addition into the group.
What file format must the list be for this to be successfully accomplished?
Detections related to a penetration test on a particular server are currently generating thousands of entries in the console. Your leadership does not need to track the detections in Falcon. What should you do to allow your team to focus on more relevant detections?
When troubleshooting a Windows sensor that appears to be installed but is not running, what should be verified to ensure they are installed and running?
What action should you take to securely allow operating system update processes to occur during network containment?
What update policy does a sensor receive when it does not have a group assignment?
After attempting to uninstall the Falcon sensor from a Windows endpoint, the process appears stuck. What troubleshooting step should be taken?
Your leadership wants controls in place for immediate action on any OverWatch detections. What should you do to ensure the host is contained quickly and the appropriate staff are notified?
You can create Fusion SOAR workflows to precisely define the actions you want Falcon to perform in response to incidents. Which three items must be defined in every trigger so that it executes successfully?
You need to be aware of which policies are the most used as new hosts are being added to your CID. Where will you find a review of the top-ten sensor update, prevention, and device control policies?