Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?
Which of the following options is a feature found ONLY with the Sensor-based Machine Learning (ML)?
Real-time offline protection is a feature found only with sensor-based machine learning. While other features can also be achieved through various methods, real-time offline protection specifically relies on the local sensor's capability to work without an active internet connection, which is unique to sensor-based ML systems.
C should be correct
Correct should be C after revisit the doc. Provides machine learning-based on-sensor AV protection for malicious files, including offline protection.
only sensor base include offline Sensor Anti-malware For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. About levels
For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware
C is correct
It should be D, the only option within the Sensor Machine Learning section is Sensor Anti-malware (Detection & Prevention) and it reads: "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. That's basically what option D is
A is the correct answer
I would go with D. After checking the documentation i found this "or unknown and zero-day threats, Falcon applies IOA detection, using machine learning techniques to build predictive models that can detect never-before-seen malicious activities with high accuracy." ChatGPT also confirms it and some online resources
C is correct, check falcon console > Next-Gen Antivirus, Sensor Machine Learning only appear Sensor Anti-malware
Answer is D. "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware."
Going with C. The policy says " For offline and online hosts"
C is correct as it is for offline
D is correct. Says right in the setting "...use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.
According to documentation (documentation/detections/technique/sensor-based-ml-cst0007): CrowdStrike sensor-based machine learning (ML) identifies and analyzes unknown executables as they run on hosts. This technique is triggered by files and file attributes associated with known malware. This is similar to the [Cloud-based ML](/support/documentation/detections/technique/cloud-based-ml) technique. Cloud-based ML is informed by global analysis of executables that classifies and identifies malware. The key difference is that it doesn't run on hosts when they're offline. Therefore it is D. Sensor-based ML does not run on hosts when they are offline, discarding C.
It's mentioned in the console, "For offline and online hosts.....". So the answer shouldn't be "C". ==================================================== Sensor Anti-malware For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. About levels
In the prevention policy its clearly mentioned that " FOR OFFLINE AND ONLINE HOSTS" - "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.", so the answer should be D