How would you find a list of executables running from the Recycle Bin across your environment?
How would you find a list of executables running from the Recycle Bin across your environment?
To find executables running from the Recycle Bin, the most straightforward approach is accessing a pre-configured hunt report specifically designed for this purpose. This ensures that you can quickly retrieve the relevant data without the need for manual query construction, making the process more efficient and user-friendly.
I think the correct answer is A, there is a preconfigured report to get those processes. Option B, when indicating that "it is the only way" I would say, for what was said before, that it is incorrect, although it is indeed possible to use the guide's query.
To see a list of executables running from the Recycle Bin, Falcon provides you a premade report on the Events Search page under Investigate > Hunt > Executables running from Recycle Bin. You can also run the following query. So it is A and not B because both are an option and not only B
I think the correct answer is A, there is a preconfigured report to get those processes. Option B, when indicating that "it is the only way" I would say, for what was said before, that it is incorrect, although it is indeed possible to use the guide's query.
B is correct, sorry.
A. There is a pre-configured report that can be run manually or scheduled.