Practice Free CCFR-201b Exam Online Questions

Which of the following techniques is not typically used in detection analysis?
- A. Behavioral analysis
- B. Heuristic analysis
- C. Anomaly detection
- D. Data encryption

Which of the following capabilities does Falcon RTR offer regarding file management?
- A. Uploading files to the endpoint
- B. Running a full system backup
- C. Scanning for antivirus
- D. Deleting local user profiles

When using Falcon Search, which filter would you use to search for events originating from a specific user account?
- A. Source IP filter
- B. User filter
- C. Process filter
- D. Action filter

What is the primary purpose of the MITRE ATT&CK® Framework?
- A. To provide a set of guidelines for cybersecurity policies
- B. To serve as a comprehensive knowledge base of adversary tactics and techniques
- C. To endorse specific security products and vendors
- D. To offer a framework for business continuity planning

Which situation would make the use of Falcon RTR particularly important?
- A. Initial deployment of a new system
- B. Responding to a confirmed breach or threat
- C. Conducting a periodic security review
- D. Implementing new software

In detection analysis, what does a false positive indicate?
- A. A real security threat has been identified
- B. No threat exists, but an alert was triggered
- C. The system is functioning as expected
- D. An actual breach occurred

What is a key challenge in detection analysis?
- A. Overwhelming amount of real-time data
- B. Lack of security budget
- C. Limited software tools
- D. Excessive training for staff

What is the primary purpose of performing an event investigation in cybersecurity?
- A. To create traffic reports
- B. To identify threats and vulnerabilities
- C. To configure firewall settings
- D. To allocate system resources

What is the primary goal of detection analysis in the context of cybersecurity?
- A. To respond to incidents
- B. To identify vulnerabilities
- C. To detect suspicious activities
- D. To manage security operations

Which tool is commonly used in event investigations to visualize network traffic and identify anomalies?
- A. Excel
- B. Wireshark
- C. Google Analytics
- D. PowerPoint