Exam CCFR-201 Topic 3 Question 30 Discussion
Actual exam question for CrowdStrike's CCFR-201 exam
Question #: 30
Topic #: 3
Question #: 30
Topic #: 3
From the Detections page, how can you view 'in-progress' detections assigned to Falcon Analyst Alex?
Suggested Answer: D Vote an answer
Explanation
According to the CrowdStrike Falcon Data Replicator (FDR) Add-on for Splunk Guide, the Detections page allows you to view and manage detections generated by the CrowdStrike Falcon platform2. You can use various filters to narrow down the detections based on criteria such asstatus, severity, tactic, technique, etc2. To view 'in-progress' detections assigned to Falcon Analyst Alex, you can filter on 'Status: In-Progress' and 'Assigned-to: Alex*'2. The asterisk (*) is a wildcard that matches any characters after Alex2.
According to the CrowdStrike Falcon Data Replicator (FDR) Add-on for Splunk Guide, the Detections page allows you to view and manage detections generated by the CrowdStrike Falcon platform2. You can use various filters to narrow down the detections based on criteria such asstatus, severity, tactic, technique, etc2. To view 'in-progress' detections assigned to Falcon Analyst Alex, you can filter on 'Status: In-Progress' and 'Assigned-to: Alex*'2. The asterisk (*) is a wildcard that matches any characters after Alex2.
by Silvester at Jan 18, 2025, 09:26 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).