CCFH-202 무료 덤프문제 온라인 액세스

Which Falcon documentation guide should you reference to hunt for anomalies related to scheduled tasks and other Windows related artifacts?

• A.MITRE-Based Falcon Detections Framework
• B.Events Data Dictionary
• C.Customizable Dashboards
• D.Hunting and Investigation

Which pre-defined reports offer information surrounding activities that typically indicate suspicious activity occurring on a system?

• A.Sensor reports
• B.Scheduled searches
• C.Hunt reports
• D.Timeline reports

The Falcon Detections page will attempt to decode Encoded PowerShell Command line parameters when which PowerShell Command line parameter is present?

• A.-Hidden
• B.-e
• C.-nop
• D.-Command

What information is provided from the MITRE ATT&CK framework in a detection's Execution Details?

• A.Grouping Tag
• B.Triggering Indicator
• C.Command Line
• D.Technique ID

Which field in a DNS Request event points to the responsible process?

• A.ContextProcessld_decimal
• B.TargetProcessld_decimal
• C.ParentProcessId_decimal
• D.ContextProcessld_readable