Question 1

A company wants to create a Falcon Sensor policy to enforce strict monitoring on critical servers. What is an essential configuration step for the policy?

Options :

A : Configure prevention settings such as "Exploit Mitigation" and "Malware Prevention" for the policy.

B : Set the policy mode to "Detection Only" for all servers.

C : Add the policy under the "Sensor Exclusions" tab in the Falcon Console.

D : Assign the policy to the "Default Group" to ensure global coverage.

Answer: A

Question 2

When analyzing cloud findings for misconfigurations, which of the following would be considered a high-risk practice that should be flagged for remediation?

Options :

A : Enforcing multi-factor authentication (MFA) for all cloud administrator accounts

B : Implementing role-based access control (RBAC) policies for cloud resources

C : Using network security groups (NSGs) to limit traffic to trusted IP addresses

D : Allowing unrestricted inbound traffic to cloud-hosted resources on port 22

Answer: D

Question 3

When using the Identity Analyzer feature in CrowdStrike CIEM to identify inactive users, which data source is primarily used to assess inactivity?

Options :

A : Audit trails of API calls and resource utilization.

B : Historical security alerts from CrowdStrike Falcon.

C : Network traffic logs from connected endpoints.

D : CrowdStrike Falcon sensor telemetry.

Answer: A

Question 4

What is the recommended action after CrowdStrike Falcon identifies a potentially malicious network connection in a containerized workload?

Options :

A : Rely on cloud provider firewall logs to verify the nature of the connection.

B : Re-scan the container image used by the workload to identify vulnerabilities.

C : Automatically restart the affected container to terminate the malicious connection.

D : Block the container-s network access and perform a forensic investigation of the workload.

Answer: D

Question 5

What is the primary purpose of creating image assessment policies within Falcon Cloud Security?

Options :

A : To create firewall rules for restricting network traffic between containers.

B : To automate the deployment of container images across Kubernetes clusters.

C : To evaluate container images for vulnerabilities and enforce security compliance during the CI/CD pipeline.

D : To configure runtime monitoring for containerized applications in production environments.

Answer: C

Higher Test Marks with Free Online CrowdStrike-Cloud Exam Practice

Buying Options: