CrowdStrike Certified Falcon Hunter (CCFH) — Question 48

What topics are presented in the Hunting and Investigation Guide?

Answer options

• A. Detailed tutorial on writing advanced queries such as sub-searches and joins
• B. Detailed summary of event names, descriptions, and some key data fields for hunting and investigation
• C. Sample hunting queries, select walkthroughs and best practices for hunting with Falcon
• D. Recommended platform configurations and prevention settings to ensure detections are generated for hunting leads

Correct answer: C

Explanation

The correct answer is C because it specifically mentions the inclusion of sample hunting queries and best practices, which are essential components of the guide. Options A and B focus on query writing and event summaries, while D emphasizes configurations, none of which capture the essence of the guide as accurately as C does.