CrowdStrike
CCFA-200B · Question #202
CCFA-200B Question #202: Real Exam Question with Answer & Explanation
Sign in or unlock CCFA-200B to reveal the answer and full explanation for question #202. The question stem and answer options stay visible for context.
Question
There are a significant number of false positive detections from your developers that are getting blocked and quarantined by Falcon. What Indicator of Compromise (IOC) action would be the best option?
Options
- ANo_action (displayed as None in the console)
- BAllow (displayed as Allow in the console)
- CDetect Only (displayed as Detect only in the console)
- DPrevent (displayed as Blocked in the console)
Unlock CCFA-200B to see the answer
You've previewed enough free CCFA-200B questions. Unlock CCFA-200B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.