Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CrowdStrike Exam CCFH-202 Topic 10 Question 35 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 35
Topic #: 10
[All CCFH-202 Questions]

Where would an analyst find information about shells spawned by root, Kernel Module loads, and wget/curl usage?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Linux Sensor report is where an analyst would find information about shells spawned by root, Kernel Module loads, and wget/curl usage. The Linux Sensor report is a pre-defined report that provides a summary view of selected activities on Linux hosts. It shows information such as process execution events, network connection events, file write events, etc. that occurred on Linux hosts within a specified time range. The Sensor Health report, the Sensor Policy Daily report, and the Mac Sensor report do not provide the same information.


Contribute your Thoughts:

Sang
4 days ago
The Linux Sensor report seems like the obvious choice here. I mean, where else would you find info on kernel modules and shell activity?
upvoted 0 times
...

Save Cancel