Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike Exam CCFR-201 Topic 3 Question 36 Discussion

Actual exam question for CrowdStrike's CCFR-201 exam
Question #: 36
Topic #: 3
[All CCFR-201 Questions]

You notice that taskeng.exe is one of the processes involved in a detection. What activity should you investigate next?

Show Suggested Answer Hide Answer
Suggested Answer: C

According to the [Microsoft website], taskeng.exe is a legitimate Windows process that is responsible for running scheduled tasks. However, some malware may use this process or create a fake one to execute malicious code. Therefore, if you notice taskeng.exe involved in a detection, you should investigate whether there are any scheduled tasks registered prior to the detection that may have triggered or injected into taskeng.exe. You can use tools such as schtasks.exe or Task Scheduler to view or manage scheduled tasks.


by Ashlyn at Apr 03, 2025, 05:54 PM

Limited Time Offer

25%

Off

Get Premium CCFR-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Leatha
2 months ago
Taskeng.exe, huh? Sounds like someone's been playing a game of 'Guess the Process' and forgot to invite the rest of us. Let's hope the answer isn't 'Minesweeper.exe'!
upvoted 0 times
Samira
2 months ago
C) Scheduled tasks registered prior to the detection
upvoted 0 times
...
Leonora
2 months ago
B) Executions of schtasks.exe after the detection
upvoted 0 times
...
Nan
2 months ago
A) User logons after the detection
upvoted 0 times
...
...
Walton
3 months ago
User logons, huh? Sounds like someone's been busy trying to cover their tracks. Time to put on our detective hats!
upvoted 0 times
...
Janessa
3 months ago
Pivot to a hash search? That's like trying to find a needle in a haystack. I'd rather focus on the scheduled tasks and see what's up.
upvoted 0 times
Meaghan
2 months ago
That's like trying to find a needle in a haystack. I'd rather focus on the scheduled tasks and see what's up.
upvoted 0 times
...
Lynelle
2 months ago
C) Scheduled tasks registered prior to the detection
upvoted 0 times
...
Tiera
2 months ago
B) Executions of schtasks.exe after the detection
upvoted 0 times
...
Vallie
2 months ago
A) User logons after the detection
upvoted 0 times
...
...
Ryan
3 months ago
I'd go with B - looking at schtasks.exe executions could give us a clue about what's really going on here. Gotta be thorough, you know?
upvoted 0 times
Felice
2 months ago
I think focusing on schtasks.exe executions is a smart move to understand the situation better.
upvoted 0 times
...
Adria
2 months ago
It's important to investigate all possible leads, so looking at schtasks.exe executions is a good idea.
upvoted 0 times
...
Kiley
2 months ago
I agree, checking schtasks.exe executions could reveal more information about the activity.
upvoted 0 times
...
...
Karma
3 months ago
Hmm, scheduled tasks seem like the most logical next step. Who knows what kind of sneaky activity might be hidden in those tasks?
upvoted 0 times
Mona
2 months ago
C) Scheduled tasks registered prior to the detection
upvoted 0 times
...
Minna
2 months ago
B) Executions of schtasks.exe after the detection
upvoted 0 times
...
Penney
3 months ago
A) User logons after the detection
upvoted 0 times
...
...
Antonio
4 months ago
I believe we should pivot to a Hash search for taskeng.exe to gather more information.
upvoted 0 times
...
Carin
4 months ago
I agree with Vi, checking user logons can give us more insight.
upvoted 0 times
...
Vi
4 months ago
I think we should investigate user logons after the detection.
upvoted 0 times
...

Save Cancel