CrowdStrike CCIS Exam Practice Questions and Answers

Question 6 of 121

Given the detection exclusion shown above, which answer CORRECT describes how this would work regarding the “Suspicious protocol implementation (pass the hash)” detection?

A.

It WILL trigger when Domain Admins attempt this activity against domain controllers, as long as the source host has a Zero Trust Assessment score of 90+

B.

It will NOT trigger when Domain Admins attempt this activity against domain controllers as long as the source host has a Zero Trust Assessment score of 90+

C.

It will NOT trigger when Domain Admins attempt this activity against domain controllers, as long as the domain controllers have a Zero Trust Assessment score of 90+

D.

It will NOT trigger when any privileged user attempts this activity against domain controllers, as long as the source host has a Zero Trust Assessment score of 90+

Question 7 of 121

Given information from the Falcon Identity Protection detection shown in the figure above, which of the following responses is TRUE?

A.

User bbanner typically uses computer CAST-EAGLE-ADMN, but is seen logging into another computer

B.

User bbanner does not typically use CAST-EAGLE-ADMN, but is seen logging into this computer

C.

User bbanner logged into privileged computer CAST-EAGLE-ADMN, which should not be allowed

D.

User CAST-EAGLE-ADMN logged into computer bbanner, which is unusual

Question 8 of 121

What needs to be added to the following Fusion Workflow in order to monitor entities related to these particular endpoint detections?

A.

Add user and endpoint to marked list

B.

Network contain user and endpoint

C.

Add user and endpoint to watchlist

D.

Get device details and add endpoint to host group

Question 9 of 121

Which of the following are not included within the three-dot menu on Identity-based Detections?

A.

Edit status

B.

Add comment

C.

Add exclusion

D.

Add to Watchlist

Question 10 of 121

The Risk Matrix shows the risks rated by two parameters, what are they?

A.

Likelihood and Consequences

B.

Rarity and Visibility

C.

Exposure and Severity

D.

Complexity and Quantity