Which of the following Event Search queries would only find the DNS lookups to the domain: www randomdomain com?

CCFH-202 0 Comments

Which of the following Event Search queries would only find the DNS lookups to the domain: www randomdomain com?
A . event_simpleName=DnsRequest DomainName=www randomdomain com
B. event_simpleName=DnsRequest DomainName=randomdomain com ComputerName=localhost
C. Dns=randomdomain com
D. ComputerName=localhost DnsRequest "randomdomain com"

Answer: A

Explanation:

This Event Search query would only find the DNS lookups to the domain www randomdomain com, as it specifies the exact event type and domain name to match. The other queries would either find other events or domains that are not relevant to the question.

Reference: https://www.crowdstrike.com/blog/tech-center/event-search-in-crowdstrike-falcon/

Latest CCFH-202 Dumps Valid Version with 60 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CCFH-202 PDF     CCFH-202 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments