CrowdStrike Certified Falcon Administrator (CCFA) — Question 81

Why is the ability to disable detections helpful?

Answer options

• A. It gives users the ability to set up hosts to test detections and later remove them from the console
• B. It gives users the ability to uninstall the sensor from a host
• C. It gives users the ability to allowlist a false positive detection
• D. It gives users the ability to remove all data from hosts that have been uninstalled

Correct answer: A

Explanation

The correct answer is A because disabling detections enables users to set up environments for testing without interference, and they can later remove these test setups. Options B, C, and D do not accurately reflect the purpose of disabling detections, as they involve uninstalling sensors, allowlisting false positives, or removing data, which are unrelated tasks.