You are beginning the rollout of the Falcon Sensor for the first time side-by-side with your existing security solution. You need to configure the Machine Learning levels of the Prevention Policy so it does not interfere with existing solutions during the testing phase. What settings do you choose?
To ensure that the Falcon Sensor does not interfere with the existing security solution during the testing phase, it is important to disable prevention. This way, new detections will be reported without taking any preventive action that could conflict with the current solution. Hence, the prevention slider should be set to Disabled. Additionally, setting the detection slider to Moderate ensures that relevant detections are still noted without being overly aggressive, which is suitable for a testing phase where you want to observe the behavior and stability of the new solution without causing disruptions.
B is correct
B is correct
Right B is correct, if you activate protection in any level it can interfere with the other AV solution in the moment of protecting against the detected threat.
B is correct, prevention must be disable to not interfere with other solution
B is correct, checked the Doc, Phase 1 is Mod/disabled.