CrowdStrike Certified Falcon Responder (CCFR) — Question 20

What is the difference between a Host Search and a Host Timeline?

Answer options

• A. Results from a Host Search return information in an organized view by type, while a Host Timeline returns a view of all events recorded by the sensor
• B. A Host Timeline only includes process execution events and user account activity
• C. Results from a Host Timeline include process executions and related events organized by data type. A Host Search returns a temporal view of all events for the given host
• D. There is no difference - Host Search and Host Timeline are different names for the same search page

Correct answer: A

Explanation

The correct answer is A because it accurately describes the distinct outputs of a Host Search and a Host Timeline. Answer B is incorrect as it inaccurately limits a Host Timeline to only two types of events. Answer C reverses the definitions of the two functions, and D incorrectly asserts that they are the same, which is not true.