ExamTopics Logo
Mail Us[email protected]
Menu
Crowdstrike Discussions
exam questions

Exam CCFA All Questions

View all questions & answers for the CCFA exam
Go to Exam

Exam CCFA topic 1 question 136 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 136
Topic #: 1
[All CCFA Questions]

What best describes what happens to detections in the console after clicking "Disable Detections" for a host from within the Host Management page?

  • A. Preventions will be disabled for the host
  • B. You cannot disable detections for a host
  • C. The detections for the host are removed from the console immediately and no new detections will display in the console going forward
  • D. Existing detections for the host remain, but no new detections will display in the console going forward
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Lucas_L at Nov. 7, 2023, 10:24 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
evilCorpBot7494
2 weeks, 2 days ago
Selected Answer: C
When you select disable detection for a Host in the Host Management section, the shown message is the following: "You are about to disable detections for HOSTNAME. By doing so, detections will stop being generated on this host and all existing detections for this host will be hidden from the Falcon Host UI. This data will be restored to the UI if you re-enable detections on this host. Are you sure you want to disable detections for HOSTNAME?" So yeah, the correct one is C. The detections for the host are removed from the console immediately and no new detections will display in the console going forward
upvoted 2 times
...
kitkat007
1 month, 2 weeks ago
Selected Answer: D
D. Existing detections for the host remain, but no new detections will display in the console going forward This action does not affect prevention mechanisms; they continue to operate as configured. Disabling detections simply stops new detection alerts from appearing in the console for the specified host.
upvoted 1 times
...
lisaKatia
4 months, 1 week ago
Selected Answer: D
ITS D tested on the UI.
upvoted 1 times
...
javier199255
4 months, 3 weeks ago
Selected Answer: D
Disable detections You are about to disable detections for XXXXXXX. By doing so, detections will stop being generated on this host and all existing detections for this host will be hidden from the Falcon Host UI. This data will be restored to the UI if you re-enable detections on this host. Are you sure you want to disable detections for XXXXXX? Tested in console now
upvoted 1 times
...
Brian9296
1 year, 1 month ago
Selected Answer: C
Below is the pop up when u click on "Disable Detection": You are about to disable detections for XXXXXXXXX. By doing so, detections will stop being generated on this host and all existing detections for this host will be removed from the Falcon Host UI. This data cannot be restored to the UI later, even if you re-enable detections on this host. Are you sure you want to disable detections for XXXXXXXXXXX?
upvoted 1 times
...
juliusib
1 year, 1 month ago
Selected Answer: C
C is correct
upvoted 1 times
...
crowdstrikerz
1 year, 1 month ago
C is correct
upvoted 1 times
...
juliusib
1 year, 2 months ago
C is correct
upvoted 1 times
...
Lucas_L
1 year, 2 months ago
C correct, existing detections gone too
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago