ExamTopics Logo
Mail Us[email protected]
Menu
Crowdstrike Discussions
exam questions

Exam CCFA All Questions

View all questions & answers for the CCFA exam
Go to Exam

Exam CCFA topic 1 question 207 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 207
Topic #: 1
[All CCFA Questions]

What best describes the effect of disabling detections for a host?

  • A. Detections for the host are removed from the console immediately and no new detections display in the console going forward until re-enabled
  • B. Existing detections for the host remain, but no new detections will be presented in the console going forward until re-enabled
  • C. Detections for the host are removed from the console immediately and cannot be restored unless the sensor is reinstalled
  • D. You cannot disable detections for a single host and are only able to prevent detections via allowlisting
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by 93d74a2 at May 9, 2025, 10:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aN0omY
1 month ago
Selected Answer: B
It is B because disabling detections has nothing to do with previous detections, therefore you would still see them.
upvoted 2 times
...
CiscoNoahexamtopic
1 month ago
Selected Answer: A
detections will stop being generated on this host and all existing detections for this host will be hidden from the Falcon Host UI. This data will be restored to the UI if you re-enable detections on this host.
upvoted 2 times
...
93d74a2
2 months ago
Selected Answer: A
Definitely A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel