Pass4itsure > CrowdStrike > CrowdStrike Certifications > CCFA-200 > CCFA-200 Online Practice Questions and Answers

CCFA-200 Online Practice Questions and Answers

Questions 4

On which page of the Falcon console would you create sensor groups?

A. User management

B. Sensor update policies

C. Host management

D. Host groups

Buy Now
Questions 5

The Falcon sensor uses certificate pinning to defend against man-in-the-middle attacks. Which statement is TRUE concerning Falcon sensor certificate validation?

A. SSL inspection should be configured to occur on all Falcon traffic

B. Some network configurations, such as deep packet inspection, interfere with certificate validation

C. HTTPS interception should be enabled to proceed with certificate validation

D. Common sources of interference with certificate pinning include protocol race conditions and resource contention

Buy Now
Questions 6

You are beginning the rollout of the Falcon Sensor for the first time side-by-side with your existing security solution. You need to configure the Machine Learning levels of the Prevention Policy so it does not interfere with existing solutions

during the testing phase.

What settings do you choose?

A. Detection slider: Extra Aggressive Prevention slider: Cautious

B. Detection slider: Moderate Prevention slider: Disabled

C. Detection slider: Cautious Prevention slider: Cautious

D. Detection slider: Disabled Prevention slider: Disabled

Buy Now
Questions 7

An administrator creating an exclusion is limited to applying a rule to how many groups of hosts?

A. File exclusions are not aligned to groups or hosts

B. There is a limit of three groups of hosts applied to any exclusion

C. There is no limit and exclusions can be applied to any or all groups

D. Each exclusion can be aligned to only one group of hosts

Buy Now
Questions 8

When creating a Host Group for all Workstations in an environment, what is the best method to ensure all workstation hosts are added to the group?

A. Create a Dynamic Group with Type=Workstation Assignment

B. Create a Dynamic Group and Import All Workstations

C. Create a Static Group and Import all Workstations

D. Create a Static Group with Type=Workstation Assignment

Buy Now
Questions 9

One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false positives on this file path?

A. USB Device Policy

B. Firewall Rule Group

C. Containment Policy

D. Machine Learning Exclusions

Buy Now
Questions 10

What model is used to create workflows that would allow you to create custom notifications based on particular events which occur in the Falcon platform?

A. For - While statement(s)

B. Trigger, condition(s) and action(s)

C. Event trigger(s)

D. Predefined workflow template(s)

Buy Now
Questions 11

How do you assign a policy to a specific group of hosts?

A. Create a group containing the desired hosts using "Static Assignment." Go to the Assigned Host Groups tab of the desired policy and dick "Add groups to policy." Select the desired Group(s).

B. Assign a tag to the desired hosts in Host Management. Create a group with an assignment rule based on that tag. Go to the Assignment tab of the desired policy and click "Add Groups to Policy." Select the desired Group(s).

C. Create a group containing the desired hosts using "Dynamic Assignment." Go to the Assigned Host Groups tab of the desired policy and select criteria such as OU, OS, Hostname pattern, etc.

D. On the Assignment tab of the desired policy, select "Static" assignment. From the next window, select the desired hosts (using fitters if needed) and click Add.

Buy Now
Questions 12

You are attempting to install the Falcon sensor on a host with a slow Internet connection and the installation fails after 20 minutes. Which of the following parameters can be used to override the 20-minute default provisioning window?

A. ExtendedWindow=1

B. Timeout=0

C. ProvNoWait=1

D. Timeout=30

Buy Now
Questions 13

Which of the following is a valid step when troubleshooting sensor installation failure?

A. Confirm all required services are running on the system

B. Enable the Windows firewall

C. Disable SSL and TLS on the host

D. Delete any available application crash log files

Buy Now
Exam Code: CCFA-200
Exam Name: CrowdStrike Certified Falcon Administrator
Last Update: Dec 29, 2024
Questions: 152
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99