CrowdStrike Exam CCFA-200 Topic 11 Question 22 Discussion

Actual exam question for CrowdStrike's CCFA-200 exam

Question #: 22
Topic #: 11

How do you disable all detections for a host?

ACreate an exclusion rule and apply it to the machine or group of machines

BContact support and provide them with the Agent ID (AID) for the machine and they will put it on the Disabled Hosts list in your Customer ID (CID)

CYou cannot disable all detections on individual hosts as it would put them at risk

DIn Host Management, select the host and then choose the option to Disable Detections

Show Suggested Answer

Suggested Answer: A

by Kenneth at Jul 26, 2023, 06:54 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

12 days ago

Option B? More like 'Option B.S.' - who has time to call support for something this simple? I'm going with A or D.

upvoted 0 times

...

13 days ago

Ah, Option D looks like the easiest way to disable detections directly from the Host Management interface. That's the one for me.

upvoted 0 times

...

15 days ago

Option C makes sense, can't just disable everything and leave the host vulnerable. Safety first!

upvoted 0 times

...

27 days ago

Hmm, contacting support to disable a host doesn't seem very efficient. I'll look into Option A instead.

upvoted 0 times

13 days ago

Option A sounds like the best way to go about disabling detections for a host.

upvoted 0 times

...

2 months ago

I think the answer is A, create an exclusion rule.

upvoted 0 times

...