CrowdStrike
CCFA-200B · Question #198
CCFA-200B Question #198: Real Exam Question with Answer & Explanation
Sign in or unlock CCFA-200B to reveal the answer and full explanation for question #198. The question stem and answer options stay visible for context.
Question
Your organization has determined that your cybersecurity architect needs to be notified via email whenever Falcon generates detections of a medium severity or higher. Additionally, the architect should be notified about any incidents with a CrowdScore of 1.0 or higher. What can the Falcon Administrator do to ensure the architect is properly alerted?
Options
- ACreate a new Falcon user for the architect then create and assign a custom Falcon user role so
- BAdd the architect's email address to the manage list for detection and incident emails from the
- CCreate a new Falcon user for the architect and assign the Detections and Exceptions Manager
- DCreate a custom Fusion SOAR workflow to send an email every time a new detection or incident
Unlock CCFA-200B to see the answer
You've previewed enough free CCFA-200B questions. Unlock CCFA-200B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.