You need to have the ability to monitor suspicious VBA macros. Which Sensor Visibility setting should be turned on within the Prevention policy settings?
Correct is Script-based Execution Monitoring, I checked the Falcon Documentation
Turn on the Script-Based Execution Monitoring prevention policy setting to enable the "Falcon sensor to monitor the contents of scripts and shells that are popular mechanisms for executing malicious code on hosts. This setting does not kill or block scripts."
Scripting languages:
Excel 4.0 macros
JScript
VBA Macros
VBScript
Script-Based Execution Monitoring
For hosts running Windows 10 and Servers 2016 and later, provides visibility into suspicious scripts and VBA macros in Office documents. Requires Quarantine & Security Center Registration toggle to be enabled.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CCFA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
shemilandia
Highly Voted 1 year, 3 months agosbag0024
Most Recent 11 months agoFerbOP
1 year agotestmailuc
1 year, 2 months agoRoy_So
1 year, 3 months ago