Exam CCFA topic 1 question 71 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 71
Topic #: 1

Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?

  • A. Next-Gen Antivirus (NGAV) protection
  • B. Adware and Potentially Unwanted Program detection and prevention
  • C. Real-time offline protection
  • D. Identification and analysis of unknown executables
Suggested Answer: C

Comments

evilCorpBot7494
3 weeks, 3 days ago
Selected Answer: D
Unknown executables and zero days are the whole purpose of applying Machine Learning to threat detection in cybersecurity. Offline protection should still be had by all modules, otherwise CS would be a very bad solution if it only protects from your blacklisted hashes when you have internet. Answer is D.
upvoted 1 times
...
sadevek
5 months, 3 weeks ago
In the prevention policy it's clearly mentioned that "FOR OFFLINE AND ONLINE HOSTS" - "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.", so the answer should be D
upvoted 1 times
...
Brian9296
1 year, 2 months ago
Selected Answer: D
It's mentioned in the console, "For offline and online hosts.....". So the answer shouldn't be "C".
Sensor Anti-malware: "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware." About levels
upvoted 1 times
...
DarkieCopy
1 year, 5 months ago
Selected Answer: D
According to documentation (documentation/detections/technique/sensor-based-ml-cst0007): CrowdStrike sensor-based machine learning (ML) identifies and analyzes unknown executables as they run on hosts. This technique is triggered by files and file attributes associated with known malware. This is similar to the [Cloud-based ML](/support/documentation/detections/technique/cloud-based-ml) technique. Cloud-based ML is informed by global analysis of executables that classifies and identifies malware. The key difference is that it doesn't run on hosts when they're offline. Therefore it is D. Sensor-based ML does not run on hosts when they are offline, discarding C.
upvoted 1 times
...
TommyJ111
1 year, 6 months ago
Selected Answer: D
D is correct. Says right in the setting "...use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware."
upvoted 1 times
...
sbag0024
1 year, 6 months ago
Selected Answer: C
C is correct as it is for offline
upvoted 1 times
...
sbag0024
1 year, 6 months ago
Selected Answer: C
Going with C. The policy says "For offline and online hosts"
upvoted 1 times
...
LaCubanita
1 year, 7 months ago
Selected Answer: D
It should be D, the only option within the Sensor Machine Learning section is Sensor Anti-malware (Detection & Prevention) and it reads: "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware." That's basically what option D is.
upvoted 2 times
...
FerbOP
1 year, 8 months ago
Selected Answer: C
C is correct
upvoted 2 times
...
Dave071
1 year, 8 months ago
Answer is D. "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware."
upvoted 1 times
...
Prr0
1 year, 9 months ago
C is correct, check Falcon console > Next-Gen Antivirus; under Sensor Machine Learning only Sensor Anti-malware appears
upvoted 1 times
...
bbqsauceomg
1 year, 9 months ago
Selected Answer: C
Only sensor-based includes offline. Sensor Anti-malware: "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware." About levels
upvoted 3 times
...
testmailuc
1 year, 9 months ago
Selected Answer: D
I would go with D. After checking the documentation I found this: "For unknown and zero-day threats, Falcon applies IOA detection, using machine learning techniques to build predictive models that can detect never-before-seen malicious activities with high accuracy." ChatGPT and some online resources also confirm it
upvoted 1 times
...
andreiushu
1 year, 10 months ago
Selected Answer: D
For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware
upvoted 2 times
...
Roy_So
1 year, 10 months ago
Selected Answer: C
The correct answer should be C after revisiting the doc. Provides machine learning-based on-sensor AV protection for malicious files, including offline protection.
upvoted 3 times
...
VJJijo
1 year, 10 months ago
C should be correct
upvoted 3 times
...
Roy_So
1 year, 10 months ago
Selected Answer: A
A is the correct answer
upvoted 1 times
...