Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike Exam CCFH-202 Topic 9 Question 33 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 33
Topic #: 9
[All CCFH-202 Questions]

What information is provided from the MITRE ATT&CK framework in a detection's Execution Details?

Show Suggested Answer Hide Answer
Suggested Answer: B

User Search is an Investigate tool that helps you investigate a list of process activity executed by the specified user account. It shows information such as process name, command line, parent process name, parent command line, etc. for each process that was executed by the user account on any host in your environment. It does not show a history of Falcon UI logon activity, a count of failed user logon activity, or a list of DNS queries by the specified user account.


by Clay at Oct 21, 2024, 12:26 PM

Limited Time Offer

25%

Off

Get Premium CCFH-202 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Renea
26 days ago
Triggering Indicator? That's got to be the answer! I'm picking (D).
upvoted 0 times
...
Brittney
28 days ago
Hmm, I think the Grouping Tag is the information given in the Execution Details. (A) seems like the right choice.
upvoted 0 times
...
Glory
1 months ago
I'm pretty sure the Execution Details include the Command Line, so I'll go with (B).
upvoted 0 times
Evette
4 days ago
I think you're right, the Command Line is definitely included in the Execution Details.
upvoted 0 times
...
...
Anna
1 months ago
The MITRE ATT&CK framework's Execution Details provide the Technique ID, which is the correct answer (C).
upvoted 0 times
Cheryll
17 hours ago
C) Technique ID
upvoted 0 times
...
Lettie
8 days ago
B) Command Line
upvoted 0 times
...
Nickolas
27 days ago
A) Grouping Tag
upvoted 0 times
...
...
Jacinta
2 months ago
I believe Command Line is also provided in the Execution Details.
upvoted 0 times
...
Haley
2 months ago
Yes, I agree. Technique ID is definitely one of the details given.
upvoted 0 times
...
Francine
2 months ago
I think the information provided includes Technique ID.
upvoted 0 times
...

Save Cancel
a