Loading questions...
Updated
When a host belongs to more than one host group, how is sensor update precedence determined?
What may prevent a user from logging into Falcon via single sign-on (SSO)?
The Customer ID (CID) is important in which of the following scenarios?
Which statement describes what is recommended for the Default Sensor Update policy?
You need to have the ability to monitor suspicious VBA macros. Which Sensor Visibility setting should be turned on within the Prevention policy settings?
What is the purpose of the Machine-Learning Prevention Monitoring Report?
The Remote Access Graph in Visibility Reports displays:
What internet domain needs to be added to any required allowlists to allow sensors to communicate with the CrowdStrike Cloud?
Why would you use the Prevention Policy Debug Report?
What is the earliest version of Windows Server that a Sensor is compatible with?
How do you disable all detections for a host?
Which command would tell you if a Falcon Sensor was running on a Windows host?
After Network Containing a host, your Incident Response team states they are unable to remotely connect to the host. Which of the following would need to be configured to allow remote connections from specified IP's?
On which page of the Falcon console can one locate the Customer ID (CID)?
The Falcon sensor uses certificate pinning to defend against man-in-the-middle attacks. What must you ensure is disabled for the sensor to communicate with the CrowdStrike Cloud?
Which of the following tools developed by CrowdStrike is intended to help with removal of the CrowdStrike Windows Falcon Sensor?
Assume the Falcon Sensor was installed on a Virtual Machine template using the installation parameter NO_START=1. Afterward, the Virtual Machine template is rebooted. What is the effect on the Falcon Sensor after reboot?
What should be disabled on firewalls so that the sensor's man-in-the-middle attack protection works properly?
Which option best describes the general process for a manual installation of the Falcon Sensor on MacOS?
Where can you find your company's Customer ID (CID)?
Which of the following best describes what the Uninstall and Maintenance Protection setting controls within your Sensor Update Policy?
To enhance your security, you want to detect and block based on a list of domains and IP addresses. How can you use IOC management to help this objective?
A Falcon Administrator is trying to use Real-Time Response to start a session with a host that has a sensor installed but they are unable to connect. What is the most likely cause?
What is the function of a single asterisk (*) in an ML exclusion pattern?
One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false positives on this file path?