100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CCFA Practice Exam Questions and Answers 100% correct $11.49   Add to cart

Exam (elaborations)

CCFA Practice Exam Questions and Answers 100% correct

 8 views  0 purchase
  • Course
  • RHFAC
  • Institution
  • RHFAC

CCFA Practice Exam Questions and Answers 100% correct How long are inactive sensors retained for in the Host Management Page and visible in the inactive sensors page? 45 Days What happens when you undo a release from quarantine? The Falcon sensor treats the file as malicious again. The ne...

[Show more]

Preview 2 out of 5  pages

  • August 18, 2024
  • 5
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • RHFAC
  • RHFAC
avatar-seller
Pogba119
CCFA Practice Exam Questions and
Answers 100% correct

How long are inactive sensors retained for in the Host Management Page and visible in
the inactive sensors page? - answer 45 Days

What happens when you undo a release from quarantine? - answer The Falcon
sensor treats the file as malicious again. The next time the file attempts to execute, the
sensor blocks and quarantines it again.

What is IOC Management used for? - answer To allowlist executables as a
compensating control for false positives or to reduce noise.

Where can you locate a list of MacOS hosts that are in Reduced Functionality Mode? -
answer RFM doesn't apply to MacOS hosts.

What is the max number of grouping tags that can be added per host? - answer 50

How many hosts can you assign to a static host group at a time? - answer 1000

Around what model are Fusion Workflows built? - answer Trigger, Condition, Action

What causes a Falcon sensor to go into Reduced Functionality Mode? - answer
When the agent is not compatible with the current version of the kernel running on the
operating system.

What is the Prevention Policy Debug report used for? - answer To debug issues with
prevention policies not being set

How do you change your own password in the Falcon console if you're not using Single
Sign-on? - answer After logging in, go to the User Profile settings and click the
Change Password link. Then supply your current and new passwords.

What kind of information may be found in the Falcon UI Audit trail? - answer Details
about user and API activity in the Falcon console

What are the available methods for uninstalling a Falcon sensor on a Windows OS? -
answer Use the Windows Control Panel

What is a required field when creating users? - answer User Email

, Quarantined file records are found where? - answer Endpoint security > Monitor >
Quarantined Files

Which of the following are options in the NextGenAV detection and prevention settings
On-Sensor ML Sliders? - answer Disabled, Cautious, Moderate, Aggressive and
Extra Aggressive

In order to quarantine files on an endpoint, what prevention policy setting must be in
place? - answer Next-Gen Antivirus Prevention sliders and "Quarantine & Security
Center Registration" must be enabled

What is the max number of Falcon Grouping tags that can be added per CID? - answer
1000

When uninstalling or removing a sensor, which of the following is required if the
"Uninstall and maintenance protection" setting is enabled within the Sensor Update
Policies? - answer Maintenance token

What is the correct purpose of a sensor visibility exclusion? - answer To remediate
issues where the Falcon sensor may cause a performance or application compatibility
interaction by configuring the sensor to completely ignore a target path or process

What is the function of a single asterisk (*) in a ML Exclusion or Sensor Visibility
Exclusion? - answer The single asterisk will match any number of characters,
including none. It does not include seperator characters, such as \ or / which seperate.

The Falcon sensor required what network protocol to communicate with the CS Cloud?
- answer TLS1.2

You have recently noticed that one of the sensors on an endpoint is marked as inactive
within the Falcon platform. What could be a possible reason for this? - answer The
sensor is not communicating with the Falcon cloud.

What is the ML Prevention Monitoring Report used for? - answer To view malware
that would have been blocked in your environment over a timeframe based on different
Machine Learning Prevention settings.

Where do you set up automated detection emails? - answer You go to support and
resources > Resources and tools > General settings and manage the list for detection
and incident emails.

What commands can a 'Real-Time Responder - Active Responder' run? - answer All
of the commands, except for cswindiag, falconscript, put, put-and-run, run

What is the limit for individual IP addresses and ranges that a firewall rule can contain?
- answer 1000

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Pogba119. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $11.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67866 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$11.49
  • (0)
  Add to cart