New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CrowdStrike CCFR-201 Actual Questions

Page: 3 / 4
Question 12

Where can you find hosts that are in Reduced Functionality Mode?

Options:

A.

Event Search

B.

Executive Summary dashboard

C.

Host Search

D.

Installation Tokens

Question 13

Which option indicates a hash is allowlisted?

Options:

A.

No Action

B.

Allow

C.

Ignore

D.

Always Block

Question 14

What are Event Actions?

Options:

A.

Automated searches that can be used to pivot between related events and searches

B.

Pivotable hyperlinks available in a Host Search

C.

Custom event data queries bookmarked by the currently signed in Falcon user

D.

Raw Falcon event data

Question 15

You can jump to a Process Timeline from many views, like a Hash Search, by clicking which of the following?

Options:

A.

ProcessTimeline Link

B.

PID

C.

UTCtime

D.

Process ID or Parent Process ID

Page: 3 / 4
Exam Code: CCFR-201
Exam Name: CrowdStrike Certified Falcon Responder
Last Update: Dec 27, 2024
Questions: 60
CCFR-201 pdf

CCFR-201 PDF

$25.5  $84.99
CCFR-201 Engine

CCFR-201 Testing Engine

$28.5  $94.99
CCFR-201 PDF + Engine

CCFR-201 PDF + Testing Engine

$40.5  $134.99