Most Recent CrowdStrike CCFA-200 Exam Questions & Answers

Prepare for the CrowdStrike Certified Falcon Administrator exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the CrowdStrike CCFA-200 exam and achieve success.

The questions for CCFA-200 were last updated on Jan 18, 2025.

Viewing page 1 out of 31 pages.
Viewing questions 1-5 out of 153 questions

Get All 153 Questions & Answers

Question No. 1

Where in the Falcon console can information about supported operating system versions be found?

AConfiguration module

BIntelligence module

CSupport module

DDiscover module

Show Answer

Correct Answer: C

Information about supported operating system versions can be found in the Support module in the Falcon console. This module provides access to various support resources, such as documentation, downloads, FAQs, release notes and system status. One of the documents available in this module is the CrowdStrike Sensor Compatibility List, which lists the supported operating system versions for each sensor type and platform. The other options are either incorrect or not related to finding information about supported operating system versions. Reference:CrowdStrike Falcon User Guide, page 26.

Question No. 2

What may prevent a user from logging into Falcon via single sign-on (SSO)?

AThe SSO username doesn't match their email address in Falcon

BThe maintenance token has expired

CFalcon is in reduced functionality mode

DThe user never configured their security questions

Show Answer

Correct Answer: A

: The option that may prevent a user from logging into Falcon via single sign-on (SSO) is that the SSO username doesn't match their email address in Falcon. SSO is a feature that allows you to use an external identity provider (IdP) to authenticate and authorize users to access the Falcon platform. SSO simplifies and streamlines the login process, as users only need to remember one set of credentials for multiple applications. However, SSO requires that the username in the IdP matches the email address in Falcon for each user. If there is a mismatch between the username and the email address, the user will not be able to log into Falcon via SSO.

Question No. 3

Under the "Next-Gen Antivirus: Cloud Machine Learning" setting there are two categories, one of them is "Cloud Anti-Malware" and the other is:

AAdware & PUP

BAdvanced Machine Learning

CSensor Anti-Malware

DExecution Blocking

Show Answer

Correct Answer: A

With EDR license, if you go to 'Audit logs > Machine-learning prevention monitoring', three options appear: Cloud Anti-malware, Sensor Anti-malware and Adware&PUP. Therefore, answer is A.

Question No. 4

What is the purpose of a containment policy?

ATo define which Falcon analysts can contain endpoints

BTo define the duration of Network Containment

CTo define the trigger under which a machine is put in Network Containment (e.g. a critical detection)

DTo define allowed IP addresses over which your hosts will communicate when contained

Show Answer

Correct Answer: D

In the Containment Policy page have the title 'Network traffic allowlist' and it only allows to add IPs or CIDR networks to exclude in the moment of the isolation of any host, because it is a global policy, not allowing make distinctions between machines.

Question No. 5

What is the maximum number of patterns that can be added when creating a new exclusion?

A10

Show Answer

Correct Answer: C

The maximum number of patterns that can be added when creating a new exclusion is one. Each exclusion can only have one pattern, which can be a file path, a hash, a command line or a user name. The other options are either incorrect or not related to creating exclusions. Reference:CrowdStrike Falcon User Guide, page 37.

Unlock All Questions for CrowdStrike CCFA-200 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 153 Questions & Answers