Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CrowdStrike Exam CCFH-202 Topic 10 Question 35 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 35
Topic #: 10
[All CCFH-202 Questions]

Where would an analyst find information about shells spawned by root, Kernel Module loads, and wget/curl usage?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Linux Sensor report is where an analyst would find information about shells spawned by root, Kernel Module loads, and wget/curl usage. The Linux Sensor report is a pre-defined report that provides a summary view of selected activities on Linux hosts. It shows information such as process execution events, network connection events, file write events, etc. that occurred on Linux hosts within a specified time range. The Sensor Health report, the Sensor Policy Daily report, and the Mac Sensor report do not provide the same information.


by Sherell at Dec 09, 2024, 08:05 AM

Limited Time Offer

25%

Off

Get Premium CCFH-202 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sang
4 days ago
The Linux Sensor report seems like the obvious choice here. I mean, where else would you find info on kernel modules and shell activity?
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77