Which is a filter within the Host setup and management > Host management page?
A. OU
B. Locality
C. User name
D. BIOS Version
Correct answer: A
Question 2:
What three things does a workflow condition consist of?
A. Triggers, actions, and alerts
B. A beginning, a middle, and an end
C. A parameter, an operator, and a value
D. Notifications, alerts, and APIs
Correct answer: C
Question 3:
Which of the following can a Falcon Administrator edit in an existing user's profile?
A. Working groups
B. Phone number
C. Email address
D. First or Last name
Correct answer: D
Question 4:
Which of the following is NOT a way to determine the sensor version installed on a specific endpoint?
A. Use the Investigate > Host Search to filter to the specific endpoint
B. Use the Sensor Report to filter to the specific endpoint
C. Use Host Management to select the desired endpoint. The agent version will be listed in the columns and details
D. From a command line, run the sc query csagent -version command
Correct answer: D
Question 5:
Why is it critical to have separate sensor update policies for Windows/Mac/*nix?
A. The network protocols are different for each host OS
B. There may be special considerations for each OS
C. It is an auditing requirement
D. To assist with testing and tracking sensor rollouts
Correct answer: B
Question 6:
How can an API client secret be viewed after it has been created?
A. Within the API management page, API client secrets can be accessed within the "edit client" functionality
B. The API client secret can be provided by support via direct email request from a Falcon Administrator
C. The API client secret must be reset or a new client created as the secret cannot be viewed after it has been created
D. Selecting "show secret" within the 3-dot dropdown menu will reveal the secret for the selected API client
Correct answer: C
Question 7:
What statement is TRUE about managing a user's role?
A. The Administrator cannot re-use the account email for a new account
B. You must have Falcon MFA enabled first
C. You must be a Falcon Security Lead
D. You must be a Falcon Administrator
Correct answer: D
Question 8:
Even though you are a Falcon Administrator, you discover you are unable to use the "Connect to Host" feature to gather additional information which is only available on the host. Which role do you need added to your user account to have this capability?
A. Remediation Manager
B. Falcon Investigator
C. Real Time Responder
D. Endpoint Manager
Correct answer: C
Question 9:
In order to exercise manual control over the sensor upgrade process, as well as prevent unauthorized users from uninstalling or upgrading the sensor, which settings in the Sensor Update Policy would meet these criteria?
A. Sensor version fixed and Uninstall and maintenance protection turned on
B. Sensor version updates off and Uninstall and maintenance protection turned off
C. Sensor version set to N-2 and Bulk maintenance mode is turned on
D. Sensor version set to N-1 and Bulk maintenance mode is turned on
Correct answer: A
田村** -
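I think it does a good job of summarizing, point by point, material that is tested broadly but not deeply. I think it's a must-have for anyone taking the CCFA-200 exam!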