What information is provided when using IP Search to look up an IP address?
A. Internal IPs only
B. Suspicious IP addresses
C. External IPs only
D. Both internal and external IPs
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Which Falcon documentation guide should you reference to hunt for anomalies related to scheduled tasks and other Windows related artifacts?
A. MITRE-Based Falcon Detections Framework
B. Hunting and Investigation
C. Events Data Dictionary
D. Customizable Dashboards
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
You are reviewing a list of domains recently banned by your organization's acceptable use policy. In particular, you are looking for the number of hosts that have visited each domain. Which tool should you use in Falcon?
A. Bulk Domain Search
B. Allowed Domain Summary Report
C. Create a custom alert for each domain
D. IP Addresses Search
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
Lateral movement through a victim environment is an example of which stage of the Cyber Kill Chain?
A. Actions on Objectives
B. Command & Control
C. Delivery
D. Exploitation
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
What kind of activity does a User Search help you investigate?
A. A history of Falcon Ul logon activity
B. A list of process activity executed by the specified user account
C. A count of failed user logon activity
D. A list of DNS queries by the specified user account
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
In the Powershell Hunt report, what does the "score" signify?
A. Maliciousness score determined by NGAV
B. A cumulative score of the various potential command line switches
C. Number of hosts that ran the PowerShell script
D. How recently the PowerShell script executed
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
1035 お客様のコメント





Sakurai -
このCCFH-202問題集は使いこなせるのであれば私が一番おすすめする問題集、CCFH-202試験対策には最高に使いやすいと思います。