CrowdStrike Certified Falcon Hunter (CCFH) — Question 54

In the Powershell Hunt report, what does the filtering condition of CommandLine!="*badstring*" do?

Answer options

• A. Prevents command lines containing “badstring” from being displayed
• B. Displays only the command lines containing “badstring”
• C. Highlights “badstring” in all command lines in the output
• D. Highlights only the command lines containing “badstring”

Correct answer: A

Explanation

The filtering condition CommandLine!='*badstring*' excludes any command lines that have 'badstring' in them from appearing in the report, making option A the correct answer. Options B, C, and D incorrectly suggest that 'badstring' would be included or highlighted, which contradicts the filtering logic.