Question 1

What is the potential impact if CrowdStrike IP addresses are not added to your container registry allowlist for image assessment?

Options :

A : Image assessment will fail, but other CrowdStrike services will continue to function.

B : CrowdStrike will switch to a default public IP to bypass the restriction.

C : Image assessment will proceed with reduced capabilities.

D : Image assessment will continue without any issues due to fallback IP detection.

Answer: A

Question 2

When integrating an AWS cloud account with CrowdStrike Falcon, which of the following permissions must the dedicated IAM role include?

Options :

A : Write access to modify security groups and IAM roles in the AWS account.

B : Permissions to read EC2 metadata, CloudTrail logs, and list S3 buckets.

C : Access to create new virtual machines for deploying the Falcon agent.

D : Full administrative access to the AWS account to manage all resources.

Answer: B

Question 3

Which feature of Falcon Horizon allows users to identify exposed cloud services and workloads running without requiring the deployment of a Falcon sensor?

Options :

A : Real-time behavioral monitoring

B : API-driven cloud workload discovery

C : Vulnerability patching orchestration

D : Deployment of lightweight monitoring agents

Answer: B

Question 4

While editing the cloud security posture policy in Falcon to enhance compliance with industry standards, you notice a rule that detects misconfigured IAM roles in your AWS environment. What action should you configure for this rule to prevent unauthorized access effectively?

Options :

A : Set the action to "Alert" and notify the security operations team.

B : Enable auto-remediation to delete all misconfigured IAM roles immediately.

C : Add a condition to the rule requiring all IAM roles to use least-privilege policies.

D : Set the action to "Monitor Only" to track usage of the misconfigured roles.

Answer: C

Question 5

What is the recommended action after CrowdStrike Falcon identifies a potentially malicious network connection in a containerized workload?

Options :

A : Rely on cloud provider firewall logs to verify the nature of the connection.

B : Re-scan the container image used by the workload to identify vulnerabilities.

C : Automatically restart the affected container to terminate the malicious connection.

D : Block the container-s network access and perform a forensic investigation of the workload.

Answer: D