CrowdStrike Exam CCFH-202 Topic 7 Question 24 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 24
Topic #: 7

What is the difference between a Host Search and a Host Timeline?

Suggested Answer: B

Option B describes the difference between a Host Search and a Host Timeline. A Host Search is an Investigate tool that lets you view events by category, such as process executions, network connections, and file writes. A Host Timeline is an Investigate tool that lets you view all events in chronological order, without any categorization. Both tools can be used for detection investigation and proactive hunting, depending on the use case and preference. You can access a Host Search from a detection or by manually entering the host details. You can also populate the Host Timeline fields manually or from other pages in Falcon.


Contribute your Thoughts:

Leonora
11 months ago
Hmm, I'm torn between B and C. I like the idea of being able to see the process events related to a specific detection, but the manual population of the Timeline fields is a bit of a turn-off.
upvoted 0 times
...
Leanna
11 months ago
Seriously, D? There's no difference? That can't be right. I'm pretty sure there's a clear distinction between the two, even if I'm not 100% sure what it is.
upvoted 0 times
Cyndy
10 months ago
B) A Host Search organizes the data in useful event categories like process executions and network connections, a Host Timeline provides an uncategorized view of recorded events in chronological order
upvoted 0 times
...
Leeann
10 months ago
A) Host Search is used for detection investigation and Host Timeline is used for proactive hunting
upvoted 0 times
...
...
Cristina
11 months ago
I'm going with Option A. The Host Search is for investigation, and the Timeline is for proactive hunting. It makes sense to have different tools for different use cases.
upvoted 0 times
...
Glenn
11 months ago
Option B sounds right to me. The Host Search seems to be more organized and categorized, while the Host Timeline is just a chronological view of all the events.
upvoted 0 times
Eveline
10 months ago
So, the Host Search is more for investigation and the Host Timeline is for a general overview of recorded events?
upvoted 0 times
...
Florinda
10 months ago
I think the Host Timeline is useful for seeing the events in the order they occurred, without any specific categorization.
upvoted 0 times
...
Clemencia
10 months ago
I see, so the Host Search is more focused on specific event categories, while the Host Timeline gives a broader view of all recorded events.
upvoted 0 times
...
Tayna
10 months ago
Yes, that's correct. The Host Search helps with investigation by organizing data into useful categories, while the Host Timeline shows events in chronological order.
upvoted 0 times
...
Kris
11 months ago
Yeah, the Host Search is more structured with event categories like process executions and network connections.
upvoted 0 times
...
Louvenia
11 months ago
Option B sounds right to me. The Host Search seems to be more organized and categorized, while the Host Timeline is just a chronological view of all the events.
upvoted 0 times
...
Chantay
11 months ago
I agree, option B does seem to make sense. The Host Search does categorize the data, while the Host Timeline is just in chronological order.
upvoted 0 times
...
...
Dona
11 months ago
So, the difference is not just about how you access them, but also about the type of data they organize and display.
upvoted 0 times
...
Carma
12 months ago
I'm not sure, but I think Host Search is accessed from a detection to show related process events, while Host Timeline fields need to be populated manually.
upvoted 0 times
...
Freeman
12 months ago
I believe Host Search categorizes data like process executions, while Host Timeline shows events in chronological order.
upvoted 0 times
...
Dona
12 months ago
I think the difference is that Host Search is for detection investigation and Host Timeline is for proactive hunting.
upvoted 0 times
...
