CMDS

Question 1

What are the commands to run on a Mac OS to see if the sensor is INSTALLED?

Answer 1

Verify Sensor is Running:

-sudo /Applications/Falcon.app/Contents/resources/falconctl stats

**also says if sensor is communicating with cloud

Question 2

Command to run on a Linux OS to see if the sensor is communication with the CS cloud

Answer 2

• lsmod | grep falcon

Question 3

How to configure the deployment tool on Windows?

Answer 3

<Installer> |install |quiet |norestart CID=<CCID>
</CCID></Installer>

Question 4

How to assign sensor tags in Windows?

Answer 4

**Can be assigned after confirmation that the sensor has installed

<installer> |install |norestart CID=<CCID> Grouping-TAGS = "<name>"
**Tags are a great way to organize hosts
</name></CCID></installer>

Question 5

What is the PowerShell Command to disable Windows Defender?

Answer 5

Set-MpPreference -DisableRealtimeMonitoring $true

**Will continue to run in RFM until kernel is updated to support that kernel version

Question 6

What are the commands to run on a Windows OS to see if the sensor is INSTALLED?

Answer 6

-Verify sensor is Running:

cmd admin priv > sc.exe query csagent

Question 7

What are the commands to run on a Linux OS to see if the sensor is INSTALLED?

Answer 7

-Verify Sensor is Running:

ps -e | grep -e falcon-sensor

Question 8

Command to run on a Windows OS to see if the sensor is communication with the CS cloud

Answer 8

-Netstat -f