Under which scenario can Sensor Tags be assigned?

A. While triaging a detection

B. While managing hosts in the Falcon console

C. While updating a sensor in the Falcon console

D. While installing a sensor

Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fulfill this requirement?

A. Remediation Manager

B. Real Time Responder – Read Only Analyst

C. Falcon Analyst – Read Only

D. Real Time Responder – Active Responder

Where should you look to find the history of the successes and failures for any Falcon Fusion workflows?

A. Workflow Execution log

B. Falcon UI Audit Trail

C. Workflow Audit log

D. Custom Alert History

Which is the correct order for manually installing a Falcon Package on a macOS system?

A. Install the Falcon package, then register the Falcon Sensor via the registration package

B. Install the Falcon package, then register the Falcon Sensor via command line

C. Register the Falcon Sensor via command line, then install the Falcon package

D. Register the Falcon Sensor via the registration package, then install the Falcon package

Which statement describes what is recommended for the Default Sensor Update policy?

A. The Default Sensor Update policy should align to an organization's overall sensor updating practice while leveraging Auto N-1 and Auto N-2 configurations where possible

B. The Default Sensor Update should be configured to always automatically upgrade to the latest sensor version

C. Since the Default Sensor Update policy is pre-configured with recommended settings out of the box, configuration of the Default Sensor Update policy is not required

D. No configuration is required. Once a Custom Sensor Update policy is created, the Default Sensor Update policy is disabled

In order to quarantine files on the host, what prevention policy settings must be enabled?

A. Malware Protection and Custom Execution Blocking must be enabled

B. Next-Gen Antivirus Prevention sliders and "Quarantine & Security Center Registration" must be enabled

C. Malware Protection and Windows Anti-Malware Execution Blocking must be enabled

D. Behavior-Based Threat Prevention sliders and Advanced Remediation Actions must be enabled

Which of the following should be used with extreme caution because it may introduce additional security risks such as malware or other attacks which would not be recorded, detected, or prevented based on the exclusion syntax?

A. Sensor Visibility Exclusion

B. Machine Learning Exclusions

C. IOC Exclusions

D. IOA Exclusions

When troubleshooting the Falcon Sensor on Windows, what is the correct parameter to output the log directory to a specified file?

A. LOG=log.txt

B. \log log.txt

C. C:\CSSensorInstall\LogFiles

D. /log log.txt

Which option allows you to exclude behavioral detections from the detections page?

A. Machine Learning Exclusion

B. IOA Exclusion

C. IOC Exclusion

D. Sensor Visibility Exclusion

When creating a custom IOA for a specific domain, which syntax would be best for detecting or preventing on all subdomains as well?

A. *\.baddomain\.xyz|baddomain\.xyz

B. *baddomain\.xyz|baddomain\.xyz.*

C. Custom IOA rules cannot be created for domains

D. **baddomain\.xyz|baddomain\.xyz**