CrowdStrike Exam CCFA-200 Topic 11 Question 22 Discussion

Actual exam question for CrowdStrike's CCFA-200 exam

Question #: 22
Topic #: 11

How do you disable all detections for a host?

ACreate an exclusion rule and apply it to the machine or group of machines

BContact support and provide them with the Agent ID (AID) for the machine and they will put it on the Disabled Hosts list in your Customer ID (CID)

CYou cannot disable all detections on individual hosts as it would put them at risk

DIn Host Management, select the host and then choose the option to Disable Detections

Show Suggested Answer

Suggested Answer: A

by Kenneth at Jul 26, 2023, 06:54 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

5 days ago

Option A seems the most straightforward way to disable detections on a host. I'll give that a try.

upvoted 0 times

...

7 days ago

I'm not sure, but I think C makes sense, disabling all detections could be risky for the host.

upvoted 0 times

...

8 days ago

I disagree, I believe the correct answer is D, disable detections in Host Management.

upvoted 0 times

...

9 days ago

I think the answer is A, create an exclusion rule.

upvoted 0 times

...