CROWDSTRIKE EXAM 2024/2025 WITH 100% ACCURATE SOLUTIONS
Typology: Exams
Prevents attack, both malware and malware free, that existing tools can't stop - Precise Answer ✔✔Threat Graph prevents and blocks known and unknown malware using graph analytics, machine learning, whitelisting, and blacklisting. Unique indicators of attacks (IOA) behavioral blocking, zero day exploit blocking.
Instant visibility to discover and investigate current and historic endpoint activity - Precise Answer ✔✔Continuous monitoring across Windows, Mac, Linux, flexible remediation and containment, easily integrates with existing security architecture via Falcon API
Lower cost and higher performance with SaaS delivery - Precise Answer ✔✔Native cloud architecture for zero hardware, software and maintenance costs. Frictionless deployment - deploy 100,000 endpoints in under two hours. Protection on or off the network
Integrated 24/7 hunting via CrowdStrike security operations center CSOC - Precise Answer ✔✔Global operation center staffed by an elite group of intrusion detection and investigation analytics. Augment existing security resources, respond in real time - whenever, wherever
About CrowdStrike - Precise Answer ✔✔Leading provider of next gen endpoint protection, threat intelligence and pre and post incident response services. Falcon is the first true software as a service based platform for next gen endpoint protection that detects, prevents and responds to attacks, at any state - even malware free intrusions. Falcon's patented lightweight endpoint sensor can be deployed to more than 100000 endpoints in hours, providing visibility into billions of events in real time.
The majority of breaches and compromises are not dependent on malware - Precise Answer ✔✔CrowdStrike protects against known and unknown threats -- even malware free intrusions your current security tools can't see
Traditional approaches are reliant on the past indicator of compromise, provide information on historical points in time and are focused on detection, not prevention - Precise Answer ✔✔Unlike solutions that only detect malware and IOCs, CrowdStrike instantly protects customers by identifying IOA to prevent adversaries compromising an environment
Falcon Complete - Fully Managed Endpoint security - Precise Answer ✔✔Fully managed endpoint protection delivered as a service and backed by AIG with a breach prevention warranty for up to 1m dollars if a breach occurs within the protected environment. CrowdStrike combines people, process and technology into a powerful offering to immediately enhance your security posture without the burden of building and managing it yourself. This type of commitment allows our customers to shift risk away from their business and feel confident knowing they are protected by CrowdStrike - managing, monitoring, and remotely remediating their endpoint 24x7x
Falcon Insight Endpoint detection and response (EDR) - Precise Answer ✔✔Enables advanced endpoint detection and response capabilities by providing visibility into metadata generated by the endpoint. This visibility allows detection of advanced attacks that may have circumvented the endpoints' prevention (antivirus capabilities). This metadata is also constantly streamed to the cloud for analysis and/or proactive hunting by your team and the Falcon OverWatch team. Insight also enables rapid response to active, non-prevented threats via network contain and real time response. In two clicks a responder can network contain a machine and stop any possible lateral spread or communication with other systems. In addition, the real time response functionality allows a responder to remotely remediate a compromised endpoint via the Falcon web UI
Falcon Complete - Precise Answer ✔✔Endpoint security delivered as a service. CrowdStrike experts, with the majority having incident response experience, will triage all alerts and perform any necessary remediation actions on your behalf. Distinct from a managed service in that we deliver results and not homework.
Threat Graph - Precise Answer ✔✔This is the brains behind the Falcon endpoint protection platform. It is the back-end cloud graph database that collects, stores, indexes, and correlates all sensor data. Upgrade to extended retention periods, or add Falcon Data Replicator to enable export of all EDR metadata to a 3rd party system.
Insight - Precise Answer ✔✔This is core EDR functionality. Visibility into all real-time activity collected by the endpoint agent (sensor) regardless of whether it was involved in an alert (detection) or not. Enables rich context around detections, and provides the platform for proactive threat hunting. Includes network quarantine and real-time response (remote shell) response tools. Includes pre-built reports for sensor health and status, and endpoint activity timelines.
Prevent - Precise Answer ✔✔Essential counterpart to Insight that enables automatic blocking of malicious activity (Insight alone would only get you detection of malicious activity without automatic blocking capabilities). This encompasses both malware and file-less attacks (scripting, exploit, behavioral patterns). Enables file quarantine for any malware blocked by Falcon. Enables the use of customer IOAs (behavioral patterns) to automatically detect and block any activity pattern that might be specific to your company.
OverWatch - Precise Answer ✔✔The human detection engine. Real threat hunters (CrowdStrike employees) combing through our entire endpoint data set 24x7x365 to identify threat actor activity that would otherwise go undetected and notifying customers when they do detect something. Focus on identifying hands-on keyboard threat actor activity. Think of them like a fire alarm - you don't want to get an alert from them, but if you do, you need to drop what you are doing and investigate. Upgrade to OverWatch Elite to gain access to an assigned threat hunting analyst that will work directly with your team on a regular basis.
Discover - Precise Answer ✔✔Asset, application and user account inventories. Reporting and metrics around which endpoints are running the sensor, which endpoints are not, applications installed and in use (including versions), individual user logon activity, BIOS images, Windows security settings, CPU and memory, and BitLocker status.
USB device control - Precise Answer ✔✔This gives visibility into what USB devices are in use across all endpoints, and the ability to block USB device usage. Most often used to block mass storage devices or to make them read only
Firewall management - Precise Answer ✔✔Management of the Windows firewall entirely within the Falcon console. Supports inbound control, location awareness and alerting on triggered rules
Spotlight - Precise Answer ✔✔Real time vulnerability reporting across all endpoints using the Falcon sensor. Vulnerabilities aligned to CVE and NVD. Reporting on installed patches, endpoints requiring reboots to complete patching, recommended remediations for existing vulnerabilities, and active exploit status to help you prioritize patching across your entire environment.
Falcon X - Precise Answer ✔✔This is access to our private cloud sandbox and full list of IOCs generated by our own threat intelligence team. IOC list is literally millions of static IOCs we've collected that can be searched and exported (often to other tools in your security stack or a threat intelligence platform, TIP). Sandbox is cloud-based, managed entirely by CrowdStrike. Files quarantined by Falcon can be automatically submitted to the sandbox with no admin or user interaction, with no limit on how many files can be submitted this way. Manual submissions via the console or API are also available. Upgrade to Falcon X Premium to add access to finished threat intelligence reports and exportable Snort and YARA rule lists. Upgrade to Falcon X Premium Elite for direct access to a CrowdStrike threat intelligence analyst, who acts as an extension of your team in a trusted advisor role. The analyst has access to all CrowdStrike threat intelligence, facilitates requests for threat research, and helps prioritize intelligence according to the goals and strategies of your specific company and industry.
Mobile - Precise Answer ✔✔EDR for iOS and Android. Detection of malicious activity including system mis-configurations and communication with malicious IPs and domains
Cloud workload protection - Precise Answer ✔✔Visibility into the workloads running in AWS, Azure or GCP via API as well as container workloads in the cloud or on prem. Metrics around number of instances and configuration as well as reporting on managed (running the Falcon sensor) versus unmanaged (not running the Falcon sensor) workloads
Horizon - Precise Answer ✔✔Agentless cloud security posture management for AWS, Azure and GCP. Scans for security misconfigs in your cloud environments, and resolve issues using the provided remediation steps
Essential support - Precise Answer ✔✔Extended support coverage hours and response times, and access to a technical account management team that basically acts as a CrowdStrike co-pilot. Standing weekly to monthly meetings to discuss support cases, process improvements, deployment status, best practice suggestions, product improvements and new features, etc.
CrowdStrike University - Precise Answer ✔✔Online product training. Courses are split into 100, 200, and 300 level as you expand your experience with the Falcon platform. Topics range from basic administration to advanced threat hunting and are delivered in either a self paced format or as instructor led utilizing live labs