CrowdStrike Exam CCFH-202 Topic 8 Question 36 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam

Question #: 36
Topic #: 8

Refer to Exhibit.

Falcon detected the above file attempting to execute. At initial glance; what indicators can we use to provide an initial analysis of the file?

AVirusTotal, Hybrid Analysis, and Google pivot indicator lights enabled

BFile name, path, Local and Global prevalence within the environment

CFile path, hard disk volume number, and IOC Management action

DLocal prevalence, IOC Management action, and Event Search

Show Suggested Answer

Suggested Answer: C

IP Search is an Investigate tool that allows you to look up information about external IPs only. It shows information such as geolocation, network connection events, detection history, etc. for each external IP address that has communicated with your hosts. It does not show information about internal IPs, suspicious IPs, or both internal and external IPs.

by Terrilyn at Jan 09, 2025, 05:25 AM

Limited Time Offer

25%

Off

Get Premium CCFH-202 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ardella

3 days ago

I think we should look at the file name, path, and prevalence within the environment.

upvoted 0 times

...