Question No : 1
What role does the ‘Event Type’ filter play in the Event Search process?
Answer:
Question No : 2
The __________ feature helps determine if a file hash has been observed in other detections across multiple hosts.
Answer:
Question No : 3
What would be a logical next step after identifying an unmanaged host in Host Search?
Answer:
Question No : 4
Which of the following best describes the primary purpose of the MITRE ATT&CK framework?
Answer:
Question No : 5
Which two detection filtering options are available in the Endpoint Security > Endpoint Detections page? (Choose two)
Answer:
Question No : 6
From the Full Detection Details panel, the __________ can be used to identify which process launched the suspicious activity.
Answer:
Question No : 7
Which two effects can occur when applying a blocklist policy on a hash in Falcon? (Choose two)
Answer:
Question No : 8
In the Full Detection View, which feature provides detailed context such as command-line arguments and file reputation?
Answer:
Question No : 9
Which file management capability is supported in Falcon RTR?
Answer:
Question No : 10
When viewing detection information, which component provides granular details like command-line arguments and file paths?
Answer:
Question No : 11
What role does threat intelligence play in detection analysis?
Answer:
Question No : 12
In the MITRE ATT&CK® Framework, which of the following techniques falls under the 'Execution' tactic?
Answer:
Question No : 13
Which of the following is NOT a useful artifact when investigating a Windows endpoint?
Answer:
Question No : 14
When analyzing events in CrowdStrike Falcon, which data type is most commonly used to understand user interactions?
Answer:
Question No : 15
Which of the following search filters can be applied in Falcon to narrow down results?
Answer: