CrowdStrike Certified Falcon Responder CCFR-201b Question # 18 Topic 2 Discussion

CCFR-201b Exam Topic 2 Question 18 Discussion:
Question #: 18
Topic #: 2

To perform a deep-dive investigation into a specific detection, a responder needs to pivot to a process timeline. What is the minimum information required to be gathered from the detection before making this pivot?


A. The External IP and the Username of the logged-in user.

B. The Agent ID (AID) and the Target Process ID (TargetProcessId_decimal).

C. The MAC Address of the host and the SHA256 hash of the file.

D. The Policy ID and the timestamp of the first event.

