Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
 

CrowdStrike CCFA Exam Actual Questions

The questions for CCFA were last updated on July 8, 2024.
  • Viewing page 1 out of 43 pages.
  • Viewing questions 1-4 out of 170 questions

Topic 1 - Exam A

Question #1 Topic 1

What is the function of a single asterisk (*) in an ML exclusion pattern?

  • A. The single asterisk will match any number of characters, including none. It does include separator characters, such as \ or /, which separate portions of a file path
  • B. The single asterisk will match any number of characters, including none. It does not include separator characters, such as \ or /, which separate portions of a file path
  • C. The single asterisk is the insertion point for the variable list that follows the path
  • D. The single asterisk is only used to start an expression, and it represents the drive letter
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #2 Topic 1

You have determined that you have numerous Machine Learning detections in your environment that are false positives. They are caused by a single binary that was custom written by a vendor for you and that binary is running on many endpoints. What is the best way to prevent these in the future?

  • A. Contact support and request that they modify the Machine Learning settings to no longer include this detection
  • B. Using IOC Management, add the hash of the binary in question and set the action to "Allow"
  • C. Using IOC Management, add the hash of the binary in question and set the action to "Block, hide detection"
  • D. Using IOC Management, add the hash of the binary in question and set the action to "No Action"
Reveal Solution Hide Solution   Discussion   6

Correct Answer: B 🗳️

Question #3 Topic 1

What is the purpose of a containment policy?

  • A. To define which Falcon analysts can contain endpoints
  • B. To define the duration of Network Containment
  • C. To define the trigger under which a machine is put in Network Containment (e.g. a critical detection)
  • D. To define allowed IP addresses over which your hosts will communicate when contained
Reveal Solution Hide Solution   Discussion   9

Correct Answer: C 🗳️

Question #4 Topic 1

An administrator creating an exclusion is limited to applying a rule to how many groups of hosts?

  • A. File exclusions are not aligned to groups or hosts
  • B. There is a limit of three groups of hosts applied to any exclusion
  • C. There is no limit and exclusions can be applied to any or all groups
  • D. Each exclusion can be aligned to only one group of hosts
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in