Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CrowdStrike Exam CCFH-202 Topic 9 Question 20 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 20
Topic #: 9
[All CCFH-202 Questions]

What kind of activity does a User Search help you investigate?

Show Suggested Answer Hide Answer
Suggested Answer: B

User Search is an Investigate tool that helps you investigate a list of process activity executed by the specified user account. It shows information such as process name, command line, parent process name, parent command line, etc. for each process that was executed by the user account on any host in your environment. It does not show a history of Falcon UI logon activity, a count of failed user logon activity, or a list of DNS queries by the specified user account.


by Bettyann at May 29, 2024, 10:38 AM

Limited Time Offer

25%

Off

Get Premium CCFH-202 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dacia
12 months ago
Definitely not option A - that's login history, not user activity. Gotta be one of the other choices, but which one...?
upvoted 0 times
...
Leontine
12 months ago
A count of failed logins could be useful, but I don't think that's the main purpose of the User Search. I'm leaning towards option D.
upvoted 0 times
Kristofer
11 months ago
I think option B could also be helpful in understanding the process activity of the user account.
upvoted 0 times
...
Rossana
11 months ago
I agree, option D seems like the most relevant for investigating user activity.
upvoted 0 times
...
...
Willis
1 years ago
Hmm, I'm not sure if the User Search would give you a list of processes. That sounds more like something you'd get from a process or event log.
upvoted 0 times
Lillian
11 months ago
B) A list of process activity executed by the specified user account
upvoted 0 times
...
Casie
12 months ago
A) A history of Falcon Ul logon activity
upvoted 0 times
...
...
Margurite
1 years ago
I agree with Lili, because it can provide valuable information about what actions were taken by a specific user.
upvoted 0 times
...
Wilford
1 years ago
The User Search seems to be more about user activity, not login history. I'd go with option B.
upvoted 0 times
Effie
11 months ago
I think option A could also be useful to track the history of Falcon Ul logon activity.
upvoted 0 times
...
Malcom
11 months ago
I agree, option B seems to be the most relevant for investigating user activity.
upvoted 0 times
...
Dorsey
12 months ago
I think option A could also be useful, but option B is definitely more focused on user activity.
upvoted 0 times
...
Pura
1 years ago
I agree, option B seems to be the most relevant for investigating user activity.
upvoted 0 times
...
Vivan
1 years ago
I see your point, option B does seem to focus more on the process activity executed by the user account.
upvoted 0 times
...
Isidra
1 years ago
I think option A could also be useful to track the history of Falcon Ul logon activity.
upvoted 0 times
...
Vanesa
1 years ago
I agree, option B seems to be the most relevant for investigating user activity.
upvoted 0 times
...
...
Lili
1 years ago
I think a User Search helps investigate B) A list of process activity executed by the specified user account.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77