CrowdStrike - Limited Time Discount Offer - Ends In 1d 00h 00m 00s Coupon code: Y2430OFF
  1. Home
  2. CrowdStrike
  3. CCFA-200 Dumps
  4. Free CCFA-200 Questions

Free CCFA-200 Questions for CrowdStrike CCFA-200 Exam as PDF & Practice Test Software

Page:    1 / 14   
Total 153 questions

Question 1

What information does the API Audit Trail Report provide?



Question 2

Question 3

Question 4

When a Linux host is in Reduced Functionality Mode (RFM) what telemetry and protection is still offered?



Question 5

You have a Windows host on your network in Reduced functionality mode (RFM). While the system is in RFM, which of the following is TRUE?



Answer : D

The option that is true when a Windows host is in Reduced Functionality Mode (RFM) is that some detection patterns and preventions will not be triggered. RFM is a mode that limits the sensor's functionality due to license expiration, network connectivity loss, or certificate validation failure. When a Windows sensor is in RFM, it will only provide basic prevention capabilities, such as blocking known malware hashes and preventing script execution from the %TEMP% directory. The sensor will not send any telemetry or detection events to the Falcon platform, and will not receive any policy or update changes from the Falcon cloud. This means that some detection patterns and preventions that rely on telemetry, machine learning, or cloud analysis will not be triggered.


Page:    1 / 14   
Total 153 questions