ExamTopics Logo
Mail Us[email protected]
Menu
Crowdstrike Discussions
exam questions

Exam CCFA All Questions

View all questions & answers for the CCFA exam
Go to Exam

Exam CCFA topic 1 question 141 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 141
Topic #: 1
[All CCFA Questions]

Which of the following is TRUE regarding disabling detections for a host?

  • A. The DetectionSummaryEvent continues being sent to the Streaming API for that host
  • B. After disabling detections, the host will operate in Reduced Functionality Mode (RFM) until detections are enabled
  • C. The detections for that host are removed from the console immediately. No new detections will display in the console going forward unless detections are enabled
  • D. After disabling detections, the data for all existing detections prior to disabling detections is removed from the Event Search
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by aN0omY at June 4, 2025, 1:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aN0omY
1 week, 6 days ago
Selected Answer: A
This is A.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel