CrowdStrike
CCCS-203B · Question #269
CCCS-203B Question #269: Real Exam Question with Answer & Explanation
Sign in or unlock CCCS-203B to reveal the answer and full explanation for question #269. The question stem and answer options stay visible for context.
Question
During a review of the CrowdStrike Falcon asset inventory, you notice a legacy Windows XP device that is not running an endpoint protection solution. This asset has frequent outbound connections to unrecognized external IPs. Which of the following is the best course of action to handle this risky asset?
Options
- AIgnore the asset as it might be part of a legitimate business process.
- BUninstall the device from the asset inventory to reduce noise in monitoring.
- CImmediately block all outbound connections from this asset at the firewall.
- DQuarantine the device using Falcon's network containment feature and initiate a vulnerability
Unlock CCCS-203B to see the answer
You've previewed enough free CCCS-203B questions. Unlock CCCS-203B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.