CrowdStrike Certified Falcon Administrator (CCFA) — Question 108

Why would you use the Prevention Policy Debug Report?

Answer options

• A. To confirm that prevention policy precedence was applied to hosts
• B. To confirm the number of detections on a host
• C. To confirm that prevention policy settings were applied to a host
• D. To confirm the number of host groups to which a policy was applied

Correct answer: C

Explanation

The correct answer is C because the Prevention Policy Debug Report is specifically designed to show whether prevention policy settings have been applied to a host. Option A is incorrect as it pertains to policy precedence rather than settings, while B focuses on detections, and D relates to host groups, neither of which are the primary function of this report.