Exam CCFA
Question 10

One of your development teams is working on code for a new enterprise application but Falcon continually flags the execution as a detection during testing. All development work is required to be stored on a file share in a folder called "devcode." What setting can you use to reduce false positives on this file path?

    Correct Answer: D

    To reduce false positives on a specific file path for development work, such as the 'devcode' folder mentioned, adjusting the Machine Learning Exclusions is the appropriate setting. This allows you to exclude specific files or directories from being flagged by machine learning algorithms, thus minimizing false positives during development testing.

Discussion
sbag0024 Option: D

D is correct

06a3353 Option: D

D is correct

FerbOP Option: D

D is correct

chaos_mob Option: D

D is the only one that makes sense

Belrose Option: D

The right answer is D. Containment Policy is an allowlist of IPs and CIDR networks allowed at the moment of a host containment. The Machine Learning Exclusions are the way to avoid the detections made by Machine Learning based on files, so it is possible to exclude the detections for the requested folder with a GLOB expression.

Reddington0214

Agreed on the voted answer

ShuliAbba Option: D

The correct answer is D! Someone in Examtopics gotta re-check it.

plantvast Option: D

Machine Learning exclusions are a self-service allowlisting method for when you wish to reduce false positive detections.