3 Months Free Update
3 Months Free Update
3 Months Free Update
Which report lists counts of sensors in Reduced Functionality Mode (RFM) for all operating system types, and tracks how long a sensor version will be supported?
Why do Sensor Update policies need to be configured for each OS (Windows, Mac, Linux)?
Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?
When creating a Host Group for all Workstations in an environment, what is the best method to ensure all workstation hosts are added to the group?
What may prevent a user from logging into Falcon via single sign-on (SSO)?
In order to exercise manual control over the sensor upgrade process, as well as prevent unauthorized users from uninstalling or upgrading the sensor, which settings in the Sensor Update Policy would meet this criteria?
Which of the following is an effective Custom IOA rule pattern to kill any process attempting to access www.badguydomain.com?
Which of the following roles allows a Falcon user to create Real Time Response Custom Scripts?
When the Notify End Users policy setting is turned on, which of the following is TRUE?
On a Windows host, what is the best command to determine if the sensor is currently running?
What information is provided in Logan Activities under Visibility Reports?
You want the Falcon Cloud to push out sensor version changes but you also want to manually control when the sensor version is upgraded or downgraded. In the Sensor Update policy, which is the best Sensor version option to achieve these requirements?
When creating an API client, which of the following must be saved immediately since it cannot be viewed again after the client is created?
What is the purpose of using groups with Sensor Update policies in CrowdStrike Falcon?
An analyst has reported they are not receiving workflow triggered notifications in the past few days. Where should you first check for potential failures?
Which statement describes what is recommended for the Default Sensor Update policy?
Which of the following is NOT an available filter on the Hosts Management page?
If a user wanted to install an older version of the Falcon sensor, how would they find the older installer file?
Which of the following applies to Custom Blocking Prevention Policy settings?
Which of the following controls the speed in which your sensors will receive automatic sensor updates?
You have been asked to troubleshoot why Script Based Execution Monitoring (SBEM) is not enabled on a Falcon host. Which report can be used to determine if this is an issue with an old prevention policy?
Why is it critical to have separate sensor update policies for Windows/Mac/*nix?
Where in the Falcon console can information about supported operating system versions be found?
What best describes what happens to detections in the console after clicking "Disable Detections" for a host from within the Host Management page?
Which report can assist in determining the appropriate Machine Learning levels to set in a Prevention Policy?
Your CISO has decided all Falcon Analysts should also have the ability to view files and file contents locally on compromised hosts, but without the ability to take them off the host. What is the most appropriate role that can be added to fullfil this requirement?
Which of the following pages provides a count of sensors in Reduced Functionality Mode (RFM) by Operating System?