nerdexam
CrowdStrike

CCFA-200B · Question #105

CCFA-200B Question #105: Real Exam Question with Answer & Explanation

The correct answer is A. Real Time Responder. The Real Time Responder role allows users to use the "Connect to Host" feature to gather additional information from the host, such as running processes, registry keys, files, etc. The other roles do not have this capability.

Question

Even though you are a Falcon Administrator, you discover you are unable to use the "Connect to Host" feature to gather additional information which is only available on the host. Which role do you need added to your user account to have this capability?

Options

  • AReal Time Responder
  • BEndpoint Manager
  • CFalcon Investigator
  • DRemediation Manager

Explanation

The Real Time Responder role allows users to use the "Connect to Host" feature to gather additional information from the host, such as running processes, registry keys, files, etc. The other roles do not have this capability.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCFA-200B Practice