Question 1

You are tasked with creating a new Kubernetes Admission Controller policy in Falcon Cloud Security. What is the primary purpose of this policy?

Options :

A : To control and enforce security configurations at the time of resource creation or update in Kubernetes.

B : To provide real-time alerts for unauthorized API calls in the Kubernetes control plane.

C : To monitor network traffic within Kubernetes clusters for malicious activity.

D : To scan container images for vulnerabilities after deployment.

Answer: A

Question 2

Which feature of the CrowdStrike Identity Analyzer enables administrators to determine the last time a specific user changed their password across the cloud infrastructure?

Options :

A : Last Password Change Tracker

B : Password Policy Manager

C : Identity Change Log

D : Access Key Analyzer

Answer: A

Question 3

While editing the cloud security posture policy in Falcon to enhance compliance with industry standards, you notice a rule that detects misconfigured IAM roles in your AWS environment. What action should you configure for this rule to prevent unauthorized access effectively?

Options :

A : Set the action to "Alert" and notify the security operations team.

B : Enable auto-remediation to delete all misconfigured IAM roles immediately.

C : Add a condition to the rule requiring all IAM roles to use least-privilege policies.

D : Set the action to "Monitor Only" to track usage of the misconfigured roles.

Answer: C

Question 4

What is the primary purpose of creating Falcon Cloud Security Policies and Rules in a cloud environment?

Options :

A : To configure network ingress and egress rules for cloud-native firewalls.

B : To enforce granular security controls for workloads, users, and cloud resources based on predefined conditions.

C : To manage the deployment of Falcon agents across virtual machines.

D : To automate software updates for containerized applications in the cloud.

Answer: B

Question 5

A security team is tasked with creating an image assessment policy in the Falcon Cloud to scan container images for vulnerabilities before deployment. Which of the following configurations is required to ensure the policy works as intended?

Options :

A : Enable the "Audit Mode" to enforce runtime image assessment.

B : Enable the "Real-time Scanning" option to automatically block all unscanned images.

C : Assign the policy to a specific Kubernetes namespace only.

D : Specify the severity levels (e.g., Critical, High, Medium) for vulnerabilities to flag.

Answer: D