Practice Free CCFR-201b Exam Online Questions
Which MITRE ATT&CK® tactic specifically deals with actions taken to avoid detection during an attack?
- A. Command and Control
- B. Defense Evasion
- C. Execution
- D. Lateral Movement

What is the purpose of a detection rule in a security tool?
- A. To format alerts for easy readability
- B. To define criteria for identifying potential threats
- C. To initiate automatic responses to all incidents
- D. To monitor end-user behavior

Which type of data is most relevant for performing detection analysis?
- A. User satisfaction surveys
- B. Network traffic data
- C. Financial transaction logs
- D. Employee performance reviews

What kind of data is primarily used for detection analysis?
- A. Network traffic analysis
- B. User training logs
- C. Software compatibility reports
- D. Hardware configuration lists

Which of the following search filters can be applied in Falcon to narrow down results?
- A. Time Range
- B. Usernames
- C. Event Types
- D. All of the above

What type of operators can be used to enhance search queries in CrowdStrike Falcon?
- A. Logical operators (AND, OR, NOT)
- B. Only numerical operators
- C. Manual syntax requirements
- D. Geographical operators

In CrowdStrike Falcon, what can you do if you notice a pattern of events related to a suspected attack?
- A. Ignore it, as patterns don’t indicate attacks
- B. Use Event Search to investigate and correlate events
- C. Immediately shut down the affected endpoints
- D. Call law enforcement

What is the main purpose of applying search filters in the Event Search functionality?
- A. To increase the volume of events returned
- B. To exclude all known good events
- C. To target specific events of interest
- D. To simplify the user interface

Which of the following best describes the function of the ‘limit’ clause in a search query?
- A. It restricts the fields that are returned in the results
- B. It sets the maximum number of results returned
- C. It groups results based on a criterion
- D. It categorizes results by severity

In Falcon RTR, what is the primary purpose of the "File Management" feature?
- A. To log network traffic
- B. To retrieve and delete files on endpoints
- C. To update software versions
- D. To create firewall rules