- All Exams Instant Download
Which role allows a user to connect to hosts using Real-Time Response?
Which role allows a user to connect to hosts using Real-Time Response?A . Endpoint ManagerB . Falcon AdministratorC . Real Time Responder C Active ResponderD . Prevention Hashes ManagerView AnswerAnswer: C
Which role will allow someone to manage quarantine files?
Which role will allow someone to manage quarantine files?A . Falcon Security LeadB . Detections Exceptions ManagerC . Falcon Analyst C Read OnlyD . Endpoint ManagerView AnswerAnswer: A
Which option allows you to exclude behavioral detections from the detections page?
Which option allows you to exclude behavioral detections from the detections page?A . Machine Learning ExclusionB . IOA ExclusionC . IOC ExclusionD . Sensor Visibility ExclusionView AnswerAnswer: B
How do you assign a Prevention policy to one or more hosts?
How do you assign a Prevention policy to one or more hosts?A . Create a new policy and assign it directly to those hosts on the Host Management pageB . Modify the users roles on the User Management pageC . Ensure the hosts are in a group and assign that...
Where can you modify settings to permit certain traffic during a containment period?
Where can you modify settings to permit certain traffic during a containment period?A . Prevention PolicyB . Host SettingsC . Containment PolicyD . Firewall SettingsView AnswerAnswer: C
What is the next step to disable RTR only on these hosts?
Your organization has a set of servers that are not allowed to be accessed remotely, including via Real Time Response (RTR). You already have these servers in their own Falcon host group. What is the next step to disable RTR only on these hosts?A . Edit the Default Response Policy,...
Why is the ability to disable detections helpful?
Why is the ability to disable detections helpful?A . It gives users the ability to set up hosts to test detections and later remove them from the consoleB . It gives users the ability to uninstall the sensor from a hostC . It gives users the ability to allowlist a...
Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?
Which exclusion pattern will prevent detections on a file at C:Program FilesMy ProgramMy Filesprogram.exe?A . Program FilesMy ProgramMy Files*B . Program FilesMy Program*C . **D . *Program FilesMy Program*View AnswerAnswer: A
When a host is placed in Network Containment, which of the following is TRUE?
When a host is placed in Network Containment, which of the following is TRUE?A . The host machine is unable to send or receive network traffic outside of the local networkB . The host machine is unable to send or receive network traffic except to/from the Falcon Cloud and traffic...
How can a Falcon Administrator configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity?
How can a Falcon Administrator configure a pop-up message to be displayed on a host when the Falcon sensor blocks, kills or quarantines an activity?A . By ensuring each user has set the "pop-ups allowed" in their User Profile configuration pageB . By enabling "Upload quarantined files" in the General...
