CrowdStrike
CCFA-200B · Question #192
CCFA-200B Question #192: Real Exam Question with Answer & Explanation
Sign in or unlock CCFA-200B to reveal the answer and full explanation for question #192. The question stem and answer options stay visible for context.
Question
Your leadership wants controls in place for immediate action on any Overwatch detections. What should you do to ensure the host is contained quickly and notifies the appropriate staff?
Options
- ACreate a Fusion SOAR workflow using the Overwatch playbook to contain the host and email the
- BCreate a Fusion SOAR workflow to create a detection for Overwatch and email the SOC team
- CCreate a Fusion SOAR workflow to contain the host and email the Overwatch team
- DCreate a Fusion SOAR workflow to trigger on an Overwatch detection and set it to block the
Unlock CCFA-200B to see the answer
You've previewed enough free CCFA-200B questions. Unlock CCFA-200B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.