CCFA-200b Online Practice Questions


Latest CCFA-200b Exam Practice Questions

The practice questions for the CCFA-200b exam were last updated on 2025-08-24.


Question#1

When configuring a specific prevention policy, the admin can align the policy to two different types of groups, Host Groups and which other?

A. Custom IOA Rule Groups
B. Custom IOC Groups
C. Enterprise Groups
D. Operating System Groups

Question#2

What is the purpose of the Default Sensor Policy?

A. A mechanism to deploy the oldest supported version of the Falcon Sensor.
B. Tests the sensor configuration settings before deployment.
C. Used to reset all sensor settings to Default.
D. Acts as a "catch all" policy if no other Sensor Policies are applied.

Explanation:
The purpose of the Default Sensor Policy is that it acts as a “catch all” policy if no other Sensor Policies are applied. A Sensor Policy is a policy that defines the detection and prevention settings for the Falcon sensor on a host. You can create and assign custom Sensor Policies to different hosts or groups in your environment. However, if a host is not assigned to a specific Sensor Policy, it will inherit the settings from the Default Sensor Policy. The Default Sensor Policy is a “catch-all” policy that is enabled by default and has the “Malware Protection” feature turned on. You can modify the settings of the Default Sensor Policy, but you cannot delete or disable it [1].
Reference: [1] Falcon Administrator Learning Path | Infographic | CrowdStrike

Question#3

Which is a filter within the Host setup and management > Host management page?

A. User name
B. OU
C. BIOS Version
D. Locality

Question#4

What is the function of a single asterisk (*) in an ML exclusion pattern?

A. The single asterisk will match any number of characters, including none. It does include separator characters, such as \ or /, which separate portions of a file path
B. The single asterisk will match any number of characters, including none. It does not include separator characters, such as \ or /, which separate portions of a file path
C. The single asterisk is the insertion point for the variable list that follows the path
D. The single asterisk is only used to start an expression, and it represents the drive letter

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/machine-learning

Question#5

What is the name for the unique host identifier in Falcon assigned to each sensor during sensor installation?

A. Endpoint ID (EID)
B. Agent ID (AID)
C. Security ID (SID)
D. Computer ID (CID)

Exam Code: CCFA-200b | Q&A: 152 Q&As | Updated: 2025-08-24
