Back

Practice Free CCFR-201b Exam Online Questions

Question #1

Which algorithm is commonly used in detection analysis to identify malware?

  • A . Regression analysis
  • B . Machine learning
  • C . A/B testing
  • D . Load balancing

Reveal Solution Hide Solution

Correct Answer: B
Question #2

What does the term "live response" refer to in the context of Falcon RTR?

  • A . A method to conduct live streaming of incidents
  • B . The ability to interact with a system while it is powered on
  • C . A process for updating Falcon agent in real time
  • D . A dashboard displaying real-time attacks

Reveal Solution Hide Solution

Correct Answer: B
Question #3

How can Falcon RTR help in responding to an indicator of compromise (IOC)?

  • A . It provides a list of all software updates
  • B . It allows you to search for file hashes
  • C . It enables real-time actions like isolating an endpoint
  • D . It automatically patches vulnerabilities

Reveal Solution Hide Solution

Correct Answer: C
Question #4

Which of the following is NOT a category within the MITRE ATT&CK® Framework?

  • A . Initial Access
  • B . Execution
  • C . Detonation
  • D . Impact

Reveal Solution Hide Solution

Correct Answer: C
Question #5

How can you save a search query in the CrowdStrike Falcon Event Search tool?

  • A . By downloading the search results
  • B . By bookmarking the search link
  • C . By saving it as a custom query for future use
  • D . By sending it to a user group

Reveal Solution Hide Solution

Correct Answer: C
Question #6

When should you utilize the Event Search tool?

  • A . To configure antivirus settings
  • B . To monitor user activity on endpoints
  • C . To investigate potential security incidents and anomalies
  • D . To manage software installations

Reveal Solution Hide Solution

Correct Answer: C
Question #7

Which type of alert indicates a high level of confidence in a detected threat?

  • A . Informational alert
  • B . Warning alert
  • C . Suspicious activity alert
  • D . High-confidence alert

Reveal Solution Hide Solution

Correct Answer: D
Question #8

What can the "File Hash" filter help you identify in Falcon Search?

  • A . File access times
  • B . Specific files associated with incidents
  • C . User activity history
  • D . Process execution order

Reveal Solution Hide Solution

Correct Answer: B
Question #9

Which of the following actions can be performed using Falcon RTR’s "Process Management" capability?

  • A . Create new processes
  • B . Terminate running processes
  • C . Monitor web traffic
  • D . Install new applications

Reveal Solution Hide Solution

Correct Answer: B
Question #10

Which of the following statements best describes the use of "Tactics" in the ATT&CK Framework?

  • A . They are the tools used by attackers
  • B . They represent the adversary’s goal during an attack
  • C . They are the vulnerabilities exploited by attackers
  • D . They are specific malware classes

Reveal Solution Hide Solution

Correct Answer: B