Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Crowdstrike Discussions
exam questions

Exam CCFA All Questions

View all questions & answers for the CCFA exam
Go to Exam

Exam CCFA topic 1 question 10 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 10
Topic #: 1
[All CCFA Questions]

One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false positives on this file path?

  • A. USB Device Policy
  • B. Firewall Rule Group
  • C. Containment Policy
  • D. Machine Learning Exclusions
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by plantvast at Jan. 20, 2023, 3:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
vsnt89
2 months, 3 weeks ago
Selected Answer: D
The answer is the D. Within the Machine Learning Exclusion, you can configure a path which won't be scanned by the sensor.
upvoted 1 times
...
sbag0024
1 year, 5 months ago
Selected Answer: D
D is correct
upvoted 1 times
...
06a3353
1 year, 5 months ago
Selected Answer: D
D is correct
upvoted 1 times
...
FerbOP
1 year, 7 months ago
Selected Answer: D
D is correct
upvoted 1 times
...
chaos_mob
1 year, 7 months ago
Selected Answer: D
D is the only one that makes sense
upvoted 1 times
...
Belrose
1 year, 8 months ago
Selected Answer: D
The right answer is D. Continment Policy, is a allowlist of IPs and CIDR networks allowed in the moment of a host containtment. The Machine Learning Exclusions are the way to avoid the detections done it by Machine Learning based on files, so it is possible to exclude the detections for the requested folder with a GLOB expression.
upvoted 1 times
AntiVirusAshok
3 months, 4 weeks ago
Containment mainly focuses on isolating the machine and triggering detection while the machine is contained
upvoted 1 times
...
...
Reddington0214
1 year, 9 months ago
Agreed on the voted answer
upvoted 1 times
...
ShuliAbba
1 year, 10 months ago
The correct answer is D! someone in Examtopics gotta re-check it.
upvoted 2 times
...
plantvast
1 year, 10 months ago
Selected Answer: D
Machine Learning exclusions are self-service allowlisting method for when you wish to reduce false positive detections.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel