CrowdStrike Certified Falcon Administrator (CCFA) — Question 20

Which of the following is TRUE regarding Falcon Next-Gen AntiVirus (NGAV)?

Answer options

• A. Falcon NGAV relies on signature-based detections
• B. Activating Falcon NGAV will also enable all detection and prevention settings in the entire policy
• C. The Detection sliders cannot be set to a value less aggressive than the Prevention sliders
• D. Falcon NGAV is not a replacement for Windows Defender or other antivirus programs

Correct answer: C

Explanation

The correct answer, C, indicates that the Detection sliders must be set at the same or higher aggression level than the Prevention sliders, ensuring a consistent security posture. Option A is incorrect because Falcon NGAV utilizes advanced techniques beyond just signature-based detections. Option B is false as enabling Falcon NGAV does not automatically activate all settings; configurations can vary. Option D is misleading because while Falcon NGAV complements existing antivirus solutions, it is designed to work alongside them rather than directly replace them.