CCFA Exam Questions

CCFA Exam - Question 34


Which option allows you to exclude behavioral detections from the detections page?

Correct Answer: B

Behavioral detections are related to Indicators of Attack (IOA) exclusions. IOA exclusions stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. This means that choosing the IOA exclusion option will allow you to exclude behavioral detections from the detections page.

Discussion

16 comments
kgbac
Option: B
Feb 15, 2023

IOA exclusion ?? B

testmailuc
Mar 7, 2023

You are right. Just for documentation confirmation. About exclusions we have: IOA: Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. Machine learnings: For trusted file paths, stop all ML-based detections and preventions, or stop files from being uploaded to the CrowdStrike cloud. From documentation. So correct answer is B

ShuliAbba
Option: A
Jan 28, 2023

A is correct

testmailuc
Mar 7, 2023

You are wrong. About exclusions we have: IOA: Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. Machine learnings: For trusted file paths, stop all ML-based detections and preventions, or stop files from being uploaded to the CrowdStrike cloud. From documentation. So correct answer is B

testmailuc
Option: B
Mar 7, 2023

About exclusions we have: IOA: Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. Machine learnings: For trusted file paths, stop all ML-based detections and preventions, or stop files from being uploaded to the CrowdStrike cloud. From documentation. So correct answer is B

Belrose
Option: A
Mar 25, 2023

I think the A option is the correct answer. In IOA actions you cannot avoid the detection, you only can monitor, detect or mitigate in any way (Kill process, Block Execution) so it is not possible to hide the detection. In relation with the IOAs are applied to all the detections in general not only for behavioural detection, so the Machine Learning is the only choice that is related with only behavioural detections, and finally with machine learning detections it is possible to avoid the detection and prevention, so I think the most logical answer is A.

Alex_41
Option: B
Jun 2, 2023

IOA Exclusion says - Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. Source: https://falcon.crowdstrike.com/documentation/68/detection-and-prevention-policies#exclusions

Gapsiux
Option: B
Jan 17, 2024

B is correct. From CS KB: Stop all behavioural detections and preventions for an IOA that’s based on a CrowdStrike-generated detection.

Reddington0214
Option: A
Feb 19, 2023

When we say behavioral detection, machine learning is much closer

testmailuc
Mar 7, 2023

You are wrong. About exclusions we have: IOA: Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection. Machine learnings: For trusted file paths, stop all ML-based detections and preventions, or stop files from being uploaded to the CrowdStrike cloud. From documentation. So correct answer is B

Killer44010
Option: B
Mar 8, 2023

It's B, CrowdStrike’s Machine Learning and behavior based detections known as Indicators of Attack (IOAs)

Killer44010
Option: B
Mar 8, 2023

CrowdStrike’s Machine Learning and behavior based detections known as Indicators of Attack (IOAs)

im2ca
Option: B
Mar 22, 2023

IOA: Stop all behavioral detections and preventions for an IOA that’s based on a CrowdStrike-generated detection.

kgmangle
Option: B
Mar 26, 2023

Correct Answer is B

FerbOP
Option: B
Apr 25, 2023

B is correct

xart
Option: B
May 9, 2023

IOA Exclusion is correct

MSKid
Option: B
May 25, 2023

IOA is correct

Manuneethi
Option: B
Jul 17, 2023

B is correct. The option under Exclusion-2nd option IOA Exclusions

GreenHok
Option: B
Jul 15, 2024

B is correct