SENSOR UPDATE POLICIES Flashcards
Define an update policy
- Controls the update process for sensors on all hosts
- No restart is required during in-place updates.
- Each host is assigned to a sensor policy, based on host group.
What can you use sensor update policies for?
Use sensor update policies to:
- Lock host groups to a specific sensor version
- Control whether the cloud manages sensor version updates
- Protect sensors from unauthorized uninstallation by end users
- Deploy new sensor versions to host groups for testing and validation
- Update Schedules: Use sensor update policies to automatically update test and production hosts to appropriate versions
- Sensor and channel update throttling: Throttle sensor update speeds to conserve bandwidth on slower networks
- Sensor uninstall protection: Control whether an end user with local admin permissions can manually update or uninstall the sensor
Demonstrate what the default policy is used for
- Default Policy is used for hosts that do not have a sensor update policy assigned/attached to them
What is considered best practice when configuring default policies?
- Best practice is to choose a specific version for the update policy, not an “Auto version”
- Best practice is to keep Uninstall and Maintenance Protection enabled for all sensor update policies
What does auto update do?
- Automated sensor is set to one of 3 Auto policy options:
- Auto – N – 1: When a scheduled release happens, hosts with this setting update to the second-newest version
- Auto – N – 2: When a scheduled release happens, hosts with this setting update to the third-newest version
- Auto – Latest: When a scheduled release happens, hosts with this setting update to the newest version (for hosts designated for sensor testing)
Where are build versions visible for a single sensor?
- Host setup and management > Sensor Update Policies > Build (column)
Do all hosts maintain the same sensor update policy?
- No. There is a separate sensor update policy for separate platforms, and a separate update policy for Falcon Identity Protection DC Sensors.
How to configure a default policy according to best practice?
- Falcon Console > Hosts > Groups > create new custom groups called Test QA Group, Tech Pilot Group, and Business Pilot Group > Sensor Update Policies > Set “Test QA Group” to Auto version / latest version
Set specific builds for other groups
- Once “Test QA Group” is successfully updated, configure the other groups to update to that version
- Best practice is to keep Uninstall and Maintenance Protection enabled for all sensor update policies
Can you revert a sensor to a previous version?
- Yes, but only to a version released in the last 180 days.