Question 1

When analyzing cloud findings for misconfigurations, which of the following would be considered a high-risk practice that should be flagged for remediation?

Options :

A : Enforcing multi-factor authentication (MFA) for all cloud administrator accounts

B : Implementing role-based access control (RBAC) policies for cloud resources

C : Using network security groups (NSGs) to limit traffic to trusted IP addresses

D : Allowing unrestricted inbound traffic to cloud-hosted resources on port 22

Answer: D

Question 2

What is the primary purpose of creating Falcon Cloud Security Policies and Rules in a cloud environment?

Options :

A : To configure network ingress and egress rules for cloud-native firewalls.

B : To enforce granular security controls for workloads, users, and cloud resources based on predefined conditions.

C : To manage the deployment of Falcon agents across virtual machines.

D : To automate software updates for containerized applications in the cloud.

Answer: B

Question 3

Which component of Falcon Fusion is primarily responsible for automating responses to detected threats within a cloud environment?

Options :

A : Workflow Builder

B : Event Correlation Dashboard

C : Custom Alerts Manager

D : Threat Intelligence Orchestrator

Answer: A

Question 4

You are registering a new AWS account with CrowdStrike Falcon, but the process fails with an error stating:

"Insufficient permissions for role ARN."

What is the most likely cause of this issue?

Options :

A : The IAM role created for the account lacks the required policies for CrowdStrike integration.

B : The AWS account is already registered with another CrowdStrike instance.

C : The CrowdStrike Falcon sensor is not installed on the EC2 instances in the account.

D : Multi-factor authentication (MFA) is disabled on the AWS account.

Answer: A

Question 5

Which feature of Falcon Horizon allows users to identify exposed cloud services and workloads running without requiring the deployment of a Falcon sensor?

Options :

A : Real-time behavioral monitoring

B : API-driven cloud workload discovery

C : Vulnerability patching orchestration

D : Deployment of lightweight monitoring agents

Answer: B