Question 1/22
What action is used when you want to save a prevention hash for later use?
Correct Answer: A
Explanation
According to the CrowdStrike Falcon Data Replicator (FDR) Add-on for Splunk Guide, the Always Block action allows you to block a file from executing on any host in your organization based on its hash value. This action can be used to prevent known malicious files from running on your endpoints.
