Question 1

What is the primary step required to deprovision a cloud account from Falcon in the CrowdStrike platform?

Options :

A : Disable the cloud account integration in the Falcon console under the "Cloud Accounts" tab.

B : Delete the cloud account directly from the cloud provider-s console to automatically deprovision it from Falcon.

C : Remove all workloads and endpoints linked to the cloud account before attempting to deprovision it.

D : Revoke the API client credentials associated with the cloud account in the "API Clients and Keys" section.

Answer: A

Question 2

While editing the cloud security posture policy in Falcon to enhance compliance with industry standards, you notice a rule that detects misconfigured IAM roles in your AWS environment. What action should you configure for this rule to prevent unauthorized access effectively?

Options :

A : Set the action to "Alert" and notify the security operations team.

B : Enable auto-remediation to delete all misconfigured IAM roles immediately.

C : Add a condition to the rule requiring all IAM roles to use least-privilege policies.

D : Set the action to "Monitor Only" to track usage of the misconfigured roles.

Answer: C

Question 3

Which feature of the CrowdStrike Identity Analyzer enables administrators to determine the last time a specific user changed their password across the cloud infrastructure?

Options :

A : Last Password Change Tracker

B : Password Policy Manager

C : Identity Change Log

D : Access Key Analyzer

Answer: A

Question 4

Which of the following is a requirement for deploying the Kubernetes and Container Sensor in a Kubernetes cluster?

Options :

A : The cluster must have the kube-proxy component disabled.

B : The cluster must have at least three nodes with GPU support.

C : The sensor requires a DaemonSet to be deployed within the Kubernetes cluster.

D : All workloads in the cluster must use privileged containers.

Answer: C

Question 5

When using Falcon Fusion, how can administrators ensure they are notified immediately about critical threats detected in their cloud infrastructure?

Options :

A : Activate the Immediate Alert Policy in Falcon Central.

B : Integrate Falcon Fusion with CrowdStrike Threat Graph for alerts.

C : Set up recurring reports in the Falcon Dashboard.

D : Configure automated actions in Workflow Builder to trigger notifications.

Answer: D