CrowdStrike Certified Security Engineer (CCSE) — Question 6

Which three System alerts are enabled by default in Next-Gen SIEM for third-party connectors?

Answer options

• A. Alert if connector receives no data in 24 hours Alert if connector is disconnected Resolve alerts within 30 days
• B. Alert if daily data ingestion limit exceeded Alert if monthly data ingestion limit is exceeded Resolve alerts within 30 days
• C. Alert if connector is disconnected Alert if daily data ingestion limit exceeded Alert if monthly data ingestion limit is exceeded
• D. Alert if connector receives no data in 24 hours Alert if daily data ingestion limit exceeded Alert if monthly data ingestion limit is exceeded

Correct answer: A

Explanation

The correct answer, A, identifies the default alerts that monitor connection status and data flow. Options B, C, and D include alerts that are not enabled by default or mix different alert types that do not align with the standard default settings in Next-Gen SIEM.