CrowdStrike Certified Falcon Administrator (CCFA) — Question 215

When deploying the Falcon Sensor alongside an existing security solution, you enable the Quarantine prevention setting in Falcon. What is the recommended configuration for both solutions?

Answer options

• A. Disable or remove the other AV solution and configure ODS Cloud Anti-Malware prevention in Falcon to Moderate or higher
• B. Disable or remove the other AV solution and configure NGAV Sensor Machine Learning prevention in Falcon to Moderate or higher
• C. Disable or remove the other AV solution and configure NGAV Sensor Machine Learning prevention in Falcon to Cautious
• D. Disable or remove the other AV solution and configure NGAV Cloud Machine Learning prevention in Falcon to Extra-Aggressive

Correct answer: B

Explanation

The correct answer is B because configuring NGAV Sensor Machine Learning prevention to Moderate or higher allows for effective protection while coexisting with another AV solution. Options A, C, and D suggest configurations that either do not align with best practices or do not provide the same level of efficacy in conjunction with existing security measures.