Your security team is noticing that certain privacy-sensitive information such as the URL, HTTP Header and POST bodies are missing from HTTP related detections.
What is likely the cause for this?
A.
The prevention policy was never configured to generate HTTP detections
B.
The prevention policy has been configured to redact HTTP detection details
C.
The prevention policy was configured to have an aggressive prevention setting, but only a cautious detection setting
D.
The network perimeter firewall blocked the HTTP connection attempts so there was nothing for Falcon to detect
Remove certain information from HTTP Detection events, including URL, raw HTTP header and POST bodies if they were present. This does not affect the generation of HTTP Detections, only additional details that would be included and may include personal information (depending on the malware in question). When disabled, the information is used to improve the response to detection events. Has no effect unless HTTP Detections is also enabled.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CCFA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
aN0omY
1 week, 4 days agoCiscoNoahexamtopic
1 week, 5 days ago