Question 1

While editing the cloud security posture policy in Falcon to enhance compliance with industry standards, you notice a rule that detects misconfigured IAM roles in your AWS environment. What action should you configure for this rule to prevent unauthorized access effectively?

Options :

A : Set the action to "Alert" and notify the security operations team.

B : Enable auto-remediation to delete all misconfigured IAM roles immediately.

C : Add a condition to the rule requiring all IAM roles to use least-privilege policies.

D : Set the action to "Monitor Only" to track usage of the misconfigured roles.

Answer: C

Question 2

What happens to the data and alerts linked to a cloud account after it is deprovisioned from the Falcon console?

Options :

A : All data and alerts associated with the account are immediately and permanently deleted.

B : Data is archived for 30 days and then permanently deleted.

C : Historical data and alerts remain accessible, but new data collection stops.

D : The cloud account-s data remains visible only if the account is re-registered within 7 days.

Answer: C

Question 3

What is the primary purpose of creating image assessment policies within Falcon Cloud Security?

Options :

A : To create firewall rules for restricting network traffic between containers.

B : To automate the deployment of container images across Kubernetes clusters.

C : To evaluate container images for vulnerabilities and enforce security compliance during the CI/CD pipeline.

D : To configure runtime monitoring for containerized applications in production environments.

Answer: C

Question 4

When CrowdStrike Falcon detects a suspicious outbound network connection from a runtime workload, what is the best immediate action to mitigate potential risks?

Options :

A : Quarantine the Affected Host

B : Enable DNS Filtering Across All Hosts

C : Manually Terminate the Suspected Network Connection

D : Generate an Incident Report for Future Review

Answer: A

Question 5

What is the primary purpose of creating Falcon Cloud Security Policies and Rules in a cloud environment?

Options :

A : To configure network ingress and egress rules for cloud-native firewalls.

B : To enforce granular security controls for workloads, users, and cloud resources based on predefined conditions.

C : To manage the deployment of Falcon agents across virtual machines.

D : To automate software updates for containerized applications in the cloud.

Answer: B

Free CCCS-203b Mock Exam – Practice Online Confidently

Buying Options: