CCCS-203B Question #12: Real Exam Question with Answer & Explanation
Question
A security team using CrowdStrike Falcon Runtime Protection wants to detect and respond to Indicators of Attack (IOAs) in their containerized environment. Which of the following is the best approach for detecting IOAs in real-time?
Options
- A. Monitor system calls and process behaviors in runtime to detect anomalous activity indicative of an
- B. Block all incoming network connections to containerized workloads to prevent potential attacks.
- C. Only analyze static container images for known vulnerabilities before deployment.
- D. Rely exclusively on Kubernetes audit logs to identify threats within the environment.