Exam CCFH-202 Topic 6 Question 44 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 44
Topic #: 6
Which of the following is a suspicious process behavior?

Suggested Answer: D Vote an answer

Non-network processes are processes that are not expected to communicate over the network, such as notepad.exe. If they make an outbound network connection, it could indicate that they are compromised or maliciously used by an adversary. PowerShell running an execution policy of RemoteSigned is a default setting that allows local scripts to run without digital signatures. An Internet browser performing multiple DNS requests is a normal behavior for web browsing. PowerShell launching a PowerShell script is also a common behavior for legitimate tasks.

by Barlow at Oct 21, 2025, 08:09 AM

Limited Time Offer

15%

Off

Get Premium CCFH-202 Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10