Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CCFA > REAL TIME RESPONSE POLICIES > Flashcards

REAL TIME RESPONSE POLICIES Flashcards

1
Q

How to apply roles and policy settings

A

Apply Policy Settings:

-Enable/disable individual response policy settings on Policy Details page

-Click Save to save settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How to track and review RTR audit logs to manage user activity?

A

–RTR activities are tracked and can be viewed in 3 audit logs in Falcon console
o Review the commands performed in each RTR session details
o See event history of maintenance performed on custom
scripts
o Files for “put command”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What can be viewed in audit logs about RTR sessions?

A
  • User who connected to host
  • Host that was accessed
  • Commands and arguments that were run
  • Duration/Start time of session
  • Files that were uploaded from host to CS cloud using the get
    command
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How to create a Response Policy

A

Create a Response Policy:

-Falcon Console > Configuration > Response Policies > Click Add New Policy > In New Policy Details dialog, enter policy name/description > Click “Create” to create policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CCFA (19 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions