CrowdStrike Certified Falcon Hunter (CCFH) — Question 47

Which Falcon documentation guide should you reference to hunt for anomalies related to scheduled tasks and other Windows related artifacts?

Answer options

• A. Hunting and Investigation
• B. Customizable Dashboards
• C. MITRE-Based-Falcon Detections Framework
• D. Events Data Dictionary

Correct answer: A

Explanation

The correct answer is A, as the 'Hunting and Investigation' guide specifically covers techniques for identifying anomalies related to scheduled tasks in Windows environments. The other options do not focus on hunting for anomalies but rather on dashboards, detection frameworks, or data dictionaries.