CrowdStrike Certified Falcon Administrator (CCFA) — Question 228

In order to quarantine files on the host, what prevention policy settings must be enabled?

Answer options

• A. Malware Protection and Custom Execution Blocking must be enabled
• B. Next-Gen Antivirus Prevention sliders and "Quarantine & Security Center Registration" must be enabled
• C. Malware Protection and Windows Anti-Malware Execution Blocking must be enabled
• D. Behavior-Based Threat Prevention sliders and Advanced Remediation Actions must be enabled

Correct answer: B

Explanation

The correct answer is B because enabling the Next-Gen Antivirus Prevention sliders and the 'Quarantine & Security Center Registration' is essential for proper file quarantine management. The other options either mention incorrect features or combinations that do not specifically address the quarantine capability.