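CCFA-200b Questions and Answers & CCFA-200b Text
MogiExam has helped many people who have taken IT certification exams, and it has received many favorable reviews from candidates. That the pass rate of MogiExam's CCFA-200b question set reaches 100% is also a fact attested by countless candidates. If you are finding exam preparation difficult, be sure not to miss MogiExam's CCFA-200b question set, because it is a very efficient tool for preparing for the exam. With this question set you can achieve the best result with little effort.
CrowdStrike Falcon Administrator Certification CCFA-200b Exam Questions (Q220-Q225):
Question # 220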
Which of the following applies to Custom Blocking Prevention Policy settings?
A. Executions blocked via hash blocklist may have partially executed prior to hash calculation process remediation may be necessary
B. Hashes must be entered on the Prevention Hashes page before they can be blocked via this policy
C. Blocklisting applies to hashes, IP addresses, and domains
D. You can only blocklist hashes via the API
Correct answer: B
Explanation:
Falcon allows you to upload hashes from your own black or white lists. To enable this, navigate to the Configuration App, Prevention hashes window, and click on "Upload Hashes" in the upper right-hand corner. Note that you can also automate the task of importing hashes with the CrowdStrike Falcon API.
Question # 221
Why do Sensor Update policies need to be configured for each OS (Windows, Mac, Linux)?
A. To bundle the Sensor and Prevention policies together into a deployment package
B. To assist with auditing and change management
C. Sensor Update policies are OS dependent
D. This is false. One policy can be applied to all Operating Systems
Correct answer: C
Explanation:
Sensor Update policies need to be configured for each OS (Windows, Mac, Linux) because Sensor Update policies are OS dependent. A Sensor Update policy is a policy that controls how and when the Falcon sensor is updated on a host. Sensor Update policies are specific to each operating system type, as different operating systems have different sensor versions, features, and requirements. Therefore, you need to create and assign separate Sensor Update policies for each operating system type in your environment.
Question # 222
What is the purpose of precedence with respect to the Sensor Update policy?
A. Hosts assigned to multiple policies will assume the lowest ranked policy in the list (policy with the highest number)
B. Precedence ensures that conflicting policy settings are not set in the same policy
C. Hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number)
D. Precedence applies to the Prevention policy and not to the Sensor Update policy
Correct answer: C
Explanation:
The purpose of precedence with respect to the Sensor Update policy is that hosts assigned to multiple policies will assume the highest ranked policy in the list (policy with the lowest number).
This means that if a host belongs to more than one group that has different Sensor Update policies assigned, it will use the policy that has the highest precedence (lowest number) among them. The other options are either incorrect or not related to precedence.
Question # 223
With Custom Alerts, it is possible to __________.
A. be alerted to activity in real-time
B. schedule the alert to run at any interval
C. receive an alert in an email
D. configure prevention actions for alerting
Correct answer: C
Explanation:
The reporting interval is predefined and cannot be changed. You can only enable/disable the custom alert feature and add/remove recipient email client for the alert/detection.
Question # 224
How do you assign a Prevention policy to one or more hosts?
A. Ensure the hosts are in a group and assign that group to a custom Prevention policy
B. Create a new policy and assign it directly to those hosts on the Host Management page
C. Create a new policy and assign it directly to those hosts on the Prevention policy page
D. Modify the user roles on the User Management page
Correct answer: A
Explanation:
The administrator can assign a Prevention policy to one or more hosts by ensuring the hosts are in a group and assigning that group to a custom Prevention policy. This allows users to apply different prevention settings and options to different groups of hosts based on their needs and preferences. The other options are either incorrect or not applicable to assigning a Prevention policy.