Pass CCFR-201 Exam Questions ~ 100% success in initial try

Question No 1

After pivoting to an event search from a detection, you locate the ProcessRollup2 event. Which two field values are you required to obtain to perform a Process Timeline search so you can determine what the process was doing?

Choose the Choices:

Question No 2

The function of Machine Learning Exclusions is to___________.

Choose the Choices:

stop all detections for a specific pattern ID

stop all sensor data collection for the matching path(s)

Stop all Machine Learning Preventions but a detection will still be generated and files will still be uploaded to the CrowdStrike Cloud

stop all ML - based detections and preventions for the matching path(s) and/or stop files from being uploaded to the CrowdStrike Cloud

Question No 3

What happens when you create a Sensor Visibility Exclusion for a trusted file path?

Choose the Choices:

It excludes host information from Detections and Incidents generated within that file path location

It prevents file uploads to the CrowdStrike cloud from that file path

It excludes sensor monitoring and event collection for the trusted file path

It disables detection generation from that path, however the sensor can still perform prevention actions

Question No 4

What types of events are returned by a Process Timeline?

Choose the Choices:

Question No 5

What is the difference between a Host Search and a Host Timeline?

Choose the Choices:

Results from a Host Search return information in an organized view by type, while a Host Timeline returns a view of all events recorded by the sensor

A Host Timeline only includes process execution events and user account activity

Results from a Host Timeline include process executions and related events organized by data type. A Host Search returns a temporal view of all events for the given host

There is no difference - Host Search and Host Timeline are different names for the same search page

Practice CrowdStrike CCFR-201 Exam Questions

Question No 1

Question No 2

Question No 3

Question No 4

Question No 5

CCFR-201 Exam Features

CCFR-201 PDF Dumps