nerdexam
CrowdStrike

CCFR-201B · Question #24

CCFR-201B Question #24: Real Exam Question with Answer & Explanation

The correct answer is B. Select Full Detection Details from the detection. Right click gives you basic web/OS options, nothing application specific. This is more appropriate since the details and tree are provided with full details.

Question

From a detection, what is the fastest way to see children and sibling process information?

Options

  • ASelect the Event Search option. Then from the Event Actions, select Show Associated Event Data
  • BSelect Full Detection Details from the detection
  • CRight-click the process and select "Follow Process Chain"
  • DSelect the Process Timeline feature, enter the AID, Target Process ID, and Parent Process ID

Explanation

Right click gives you basic web/OS options, nothing application specific. This is more appropriate since the details and tree are provided with full details.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCFR-201B Practice