CrowdStrike Certified Falcon Hunter (CCFH) — Question 34
You want to produce a list of all event occurrences along with selected fields such as the full path, time, username etc. Which command would be the appropriate choice?
Answer options
- A. fields
- B. distinctcount
- C. table
- D. values
Correct answer: C
Explanation
The correct command is 'table' because it allows you to display event occurrences along with specified fields in a structured format. 'fields' is used to specify which fields to include in the output but does not format them into a list. 'distinctcount' is for counting unique values, and 'values' retrieves unique values but does not format them in a tabular manner.