Free CrowdStrike CCFH-202 Questions
-
-
Page: 1/12
Total 60 Questions
Question No 1
Which of the following is a suspicious process behavior?
Question No 2
Which field should you reference in order to find the system time of a *FileWritten event?
Question No 3
What Search page would help a threat hunter differentiate testing, DevOPs, or general user activity from adversary behavior?
Question No 4
An analyst has sorted all recent detections in the Falcon platform to identify the oldest in an effort to determine the possible first victim host What is this type of analysis called?
Question No 5
Refer to Exhibit.
Falcon detected the above file attempting to execute. At initial glance; what indicators can we use to provide an initial analysis of the file?
-
Page: 1/12
Total 60 Questions
-