Back

Practice Free CCFR-201b Exam Online Questions

Question #101

What is a key benefit of using the "Saved Searches" feature in CrowdStrike Falcon?

  • A . It increases system performance
  • B . It allows for automatic threat detection
  • C . It lets users quickly access frequently used search queries
  • D . It provides user training materials

Reveal Solution Hide Solution

Correct Answer: C
Question #102

What is the primary purpose of conducting an event investigation in cybersecurity?

  • A . To deploy new security tools
  • B . To understand and remediate security incidents
  • C . To maintain compliance with regulations
  • D . To improve user experience

Reveal Solution Hide Solution

Correct Answer: B
Question #103

What is the effect of using NOT in a search query in the Falcon platform?

  • A . It includes all terms
  • B . It excludes specified terms
  • C . It limits results to files only
  • D . It sorts results by severity

Reveal Solution Hide Solution

Correct Answer: B
Question #104

Which of the following actions can be taken on a remote endpoint using Falcon RTR?

  • A . Create a new user account
  • B . Execute a shell command
  • C . Change the system time
  • D . Update the operating system

Reveal Solution Hide Solution

Correct Answer: B
Question #105

What is the primary purpose of the MITRE ATT&CK® Framework?

  • A . To provide guidelines for software development
  • B . To offer a knowledge base for adversary tactics and techniques
  • C . To define network security protocols
  • D . To standardize cloud computing practices

Reveal Solution Hide Solution

Correct Answer: B
Question #106

How can you use the Event Search feature to assist in compliance audits?

  • A . By creating automated reports
  • B . By searching and documenting security-related events
  • C . By deleting all irrelevant events
  • D . By preventing unauthorized access

Reveal Solution Hide Solution

Correct Answer: B
Question #107

What role does collaboration play in event investigation?

  • A . It is unnecessary and slows down the process
  • B . It allows for sharing of tasks and expertise
  • C . It complicates decision-making
  • D . It focuses only on legal aspects

Reveal Solution Hide Solution

Correct Answer: B
Question #108

What type of search function would you use to identify specific anomalies across multiple endpoints?

  • A . Basic Search
  • B . Network Search
  • C . Filtered Search
  • D . Correlation Search

Reveal Solution Hide Solution

Correct Answer: D