Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike Exam CCFR-201 Topic 3 Question 36 Discussion

Actual exam question for CrowdStrike's CCFR-201 exam
Question #: 36
Topic #: 3
[All CCFR-201 Questions]

You notice that taskeng.exe is one of the processes involved in a detection. What activity should you investigate next?

Show Suggested Answer Hide Answer
Suggested Answer: C

According to the [Microsoft website], taskeng.exe is a legitimate Windows process that is responsible for running scheduled tasks. However, some malware may use this process or create a fake one to execute malicious code. Therefore, if you notice taskeng.exe involved in a detection, you should investigate whether there are any scheduled tasks registered prior to the detection that may have triggered or injected into taskeng.exe. You can use tools such as schtasks.exe or Task Scheduler to view or manage scheduled tasks.


by Ashlyn at Apr 03, 2025, 05:54 PM

Limited Time Offer

25%

Off

Get Premium CCFR-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Leatha
9 days ago
Taskeng.exe, huh? Sounds like someone's been playing a game of 'Guess the Process' and forgot to invite the rest of us. Let's hope the answer isn't 'Minesweeper.exe'!
upvoted 0 times
Nan
1 days ago
A) User logons after the detection
upvoted 0 times
...
...
Walton
12 days ago
User logons, huh? Sounds like someone's been busy trying to cover their tracks. Time to put on our detective hats!
upvoted 0 times
...
Janessa
16 days ago
Pivot to a hash search? That's like trying to find a needle in a haystack. I'd rather focus on the scheduled tasks and see what's up.
upvoted 0 times
...
Ryan
22 days ago
I'd go with B - looking at schtasks.exe executions could give us a clue about what's really going on here. Gotta be thorough, you know?
upvoted 0 times
...
Karma
1 months ago
Hmm, scheduled tasks seem like the most logical next step. Who knows what kind of sneaky activity might be hidden in those tasks?
upvoted 0 times
Penney
19 days ago
A) User logons after the detection
upvoted 0 times
...
...
Antonio
1 months ago
I believe we should pivot to a Hash search for taskeng.exe to gather more information.
upvoted 0 times
...
Carin
1 months ago
I agree with Vi, checking user logons can give us more insight.
upvoted 0 times
...
Vi
1 months ago
I think we should investigate user logons after the detection.
upvoted 0 times
...

Save Cancel