Under which scenario can Sensor Tags be assigned?
Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fullfil this requirement?
Where should you look to find the history of the successes and failures for any Falcon Fusion workflows?
Which is the correct order for manually installing a Falcon Package on a macOS system?
Which statement describes what is recommended for the Default Sensor Update policy?
In order to quarantine files on the host, what prevention policy settings must be enabled?
Which of the follow should be used with extreme caution because it may introduce additional security risks such as malware or other attacks which would not be recorded, detected, or prevented based on the exclusion syntax?
When troubleshooting the Falcon Sensor on Windows, what is the correct parameter to output the log directory to a specified file?
Which option allows you to exclude behavioral detections from the detections page?
When creating a custom IOA for a specific domain, which syntax would be best for detecting or preventing on all subdomains as well?