BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike Exam CCFR-201 Topic 3 Question 20 Discussion

Actual exam question for CrowdStrike's CCFR-201 exam
Question #: 20
Topic #: 3
[All CCFR-201 Questions]

Where are quarantined files stored on Windows hosts?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to theCrowdStrike Falcon Data Replicator (FDR) Add-on for Splunk Guide, when you quarantine a file from a host using IOC Management or Real Time Response (RTR), you are moving it from its original location to a secure location on the host where it cannot be executed2.The file is also encrypted and renamed with a random string of characters2.On Windows hosts, quarantined files are stored in C:WindowsSystem32DriversCrowdStrikeQuarantine folder2.


by Filiberto at Aug 03, 2024, 03:26 PM

Limited Time Offer

25%

Off

Get Premium CCFR-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Selma
3 months ago
Wait, CrowdStrike? Is this a Windows update or an antivirus thing? I'm so confused, but I'll go with B just to be safe.
upvoted 0 times
...
Ashton
3 months ago
D) Windows\\temp\\Drivers\\CrowdStrike\\Quarantine sounds like something a Windows developer would come up with. 'Temporary' and 'CrowdStrike' just scream 'random location'.
upvoted 0 times
Mozell
2 months ago
D) Windows\\temp\\Drivers\\CrowdStrike\\Quarantine does sound like a temporary and random location for quarantined files.
upvoted 0 times
...
Brandon
2 months ago
C) Windows\\System32\\ is a common system directory, but not specifically for quarantined files.
upvoted 0 times
...
Oretha
2 months ago
B) Windows\\System32\\Drivers\\CrowdStrike\\Quarantine seems like a specific location for quarantined files.
upvoted 0 times
...
Hannah
2 months ago
A) Windows\\Quarantine is where quarantined files are stored.
upvoted 0 times
...
...
Matt
3 months ago
C) Windows\\System32\\ is way too generic. If they're quarantining files, they're probably not just dumping them in the main System32 folder.
upvoted 0 times
Precious
2 months ago
B) Windows\\System32\\Drivers\\CrowdStrike\\Quarantine
upvoted 0 times
...
Precious
3 months ago
A) Windows\\Quarantine
upvoted 0 times
...
...
Tyisha
3 months ago
I think the correct answer is Windows\System32\Drivers\CrowdStrike\Quarantine because it makes sense to have them in a specific folder for security reasons.
upvoted 0 times
...
Gretchen
3 months ago
I'm not sure, but I think it might be Windows\temp\Drivers\CrowdStrike\Quarantine.
upvoted 0 times
...
Nathalie
3 months ago
B) Windows\\System32\\Drivers\\CrowdStrike\\Quarantine sounds a bit too specific, but hey, you never know what kind of crazy stuff Windows can do.
upvoted 0 times
Juliann
2 months ago
I agree, Windows\\Quarantine seems like the most likely location.
upvoted 0 times
...
Toshia
3 months ago
Yeah, that sounds like a logical place for quarantined files.
upvoted 0 times
...
Cherry
3 months ago
I think it's probably stored in Windows\\Quarantine.
upvoted 0 times
...
...
Dominque
3 months ago
I believe they are stored in Windows\Quarantine.
upvoted 0 times
...
Marg
3 months ago
A) Windows\\Quarantine seems like the most logical choice here. I mean, where else would they store quarantined files, right?
upvoted 0 times
Dusti
2 months ago
A) Yeah, that does make sense. It's probably a specific folder to keep those files isolated.
upvoted 0 times
...
Jaleesa
3 months ago
C) I'm not sure, but I would guess Windows\\System32\\Drivers\\CrowdStrike\\Quarantine. It just sounds like the right place.
upvoted 0 times
...
James
3 months ago
B) I think it might be Windows\\System32\\Drivers\\CrowdStrike\\Quarantine. That sounds like a secure location for quarantined files.
upvoted 0 times
...
Jamie
3 months ago
A) Windows\\Quarantine seems like the most logical choice here. I mean, where else would they store quarantined files, right?
upvoted 0 times
...
...
Herminia
3 months ago
I think quarantined files are stored in Windows\System32\Drivers\CrowdStrike\Quarantine.
upvoted 0 times
...

Save Cancel