New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Free CCFA-200 CrowdStrike Updates

Page: 9 / 11
Question 36

Where can you modify settings to permit certain traffic during a containment period?

Options:

A.

Prevention Policy

B.

Host Settings

C.

Containment Policy

D.

Firewall Settings

Question 37

You have been asked to troubleshoot why Script Based Execution Monitoring (SBEM) is not enabled on a Falcon host. Which report can be used to determine if this is an issue with an old prevention policy?

Options:

A.

Host Update Status Report

B.

Custom Alerting Audit Trail

C.

Prevention Policy Debug

D.

SBEM Debug Report

Question 38

You want the Falcon Cloud to push out sensor version changes but you also want to manually control when the sensor version is upgraded or downgraded. In the Sensor Update policy, which is the best Sensor version option to achieve these requirements?

Options:

A.

Specific sensor version number

B.

Auto - TEST-QA

C.

Sensor version updates off

D.

Auto - N-1

Question 39

Custom IOA rules are defined using which syntax?

Options:

A.

Glob

B.

PowerShell

C.

Yara

D.

Regex

Page: 9 / 11
Exam Code: CCFA-200
Exam Name: CrowdStrike Certified Falcon Administrator
Last Update: Dec 27, 2024
Questions: 153
CCFA-200 pdf

CCFA-200 PDF

$25.5  $84.99
CCFA-200 Engine

CCFA-200 Testing Engine

$28.5  $94.99
CCFA-200 PDF + Engine

CCFA-200 PDF + Testing Engine

$40.5  $134.99