CrowdStrike Certified Falcon Responder (CCFR) — Question 1

When reviewing a Host Timeline, which of the following filters is available?

Answer options

• A. Severity
• B. Event Types
• C. User Name
• D. Detection ID

Correct answer: B

Explanation

The correct answer is B, Event Types, as it is a filter specifically designed for analyzing events within the Host Timeline. The other options, while relevant in different contexts, do not serve as filters for the Host Timeline review process.