How long are detection events kept in Falcon?

• A.Detections events are kept for your subscribed data retention period
• B.Detection events are kept for 30 days
• C.Detection events are kept for 90 days
• D.Detection events are kept for 7 days

Comment: *

Name: *

Email: *

Verification: *

Which role is required to manage groups and policies in Falcon?

• A.Falcon Host Analyst
• B.Falcon Host Administrator
• C.Prevention Hashes Manager
• D.Falcon Host Security Lead

Comment: *

Name: *

Email: *

Verification: *

What are custom alerts based on?

• A.Custom event based triggers
• B.Predefined alert templates
• C.Custom workflows
• D.User defined Splunk queries

Comment: *

Name: *

Email: *

Verification: *

Once an exclusion is saved, what can be edited in the future?

• A.Only the selected groups and hosts to which the exclusion is applied can be changed
• B.All parts of the exclusion can be changed
• C.The exclusion pattern cannot be changed
• D.Only the options to "Detect/Block" and/or "File Extraction" can be changed

Comment: *

Name: *

Email: *

Verification: *

Which statement is TRUE regarding disabling detections on a host?

• A.Hosts with detections disabled will not alert on blocklisted hashes or machine learning detections, but will still alert on lOA-based detections. It will remain that way until detections are enabled again
• B.Hosts with detections disabled will not alert on anything until detections are enabled again
• C.Hosts with detections disabled will not alert on anything for 24 hours (by default) or longer if that setting is changed
• D.Hosts cannot have their detections disabled individually

Comment: *

Name: *

Email: *

Verification: *