According to the CrowdStrike Falcon Devices Add-on for Splunk Installation and Configuration Guide v3.1.5+, Reduced Functionality Mode (RFM) is a state where a host’s sensor has limited functionality due to various reasons, such as license expiration, network issues, tampering attempts, etc1. You can find hosts that are in RFM by using the Host Search tool and filtering by Sensor Status = RFM1. You can also view details about why a host is in RFM by clicking on its hostname1.
Question 9
A list of managed and unmanaged neighbors for an endpoint can be found:
Options:
A.
by using Hosts page in the Investigate tool
B.
by reviewing "Groups" in Host Management under the Hosts page
C.
under "Audit" by running Sensor Visibility Exclusions Audit
According to the CrowdStrike Falcon® Data Replicator (FDR) Add-on for Splunk Guide, you can use the Hosts page in the Investigate tool to view information about your endpoints, such as hostname, IP address, OS, sensor version, etc2. You can also see a list of managed and unmanaged neighbors for each endpoint, which are other devices that have communicated with that endpoint over the network2. This can help you identify potential threats or vulnerabilities in your network2.
Question 10
The function of Machine Learning Exclusions is to___________.
Options:
A.
stop all detections for a specific pattern ID
B.
stop all sensor data collection for the matching path(s)
C.
Stop all Machine Learning Preventions but a detection will still be generated and files will still be uploaded to the CrowdStrike Cloud
D.
stop all ML-based detections and preventions for the matching path(s) and/or stop files from being uploaded to the CrowdStrike Cloud
According to the CrowdStrike Falcon® Data Replicator (FDR) Add-on for Splunk Guide, Machine Learning Exclusions allow you to exclude files or directories from being scanned by CrowdStrike’s machine learning engine, which can reduce false positives and improveperformance2. You can also choose whether to upload the excluded files to the CrowdStrike Cloud or not2.
Question 11
What is an advantage of using the IP Search tool?
Options:
A.
IP searches provide manufacture and timezone data that can not be accessed anywhere else
B.
IP searches allow for multiple comma separated IPv6 addresses as input
C.
IP searches offer shortcuts to launch response actions and network containment on target hosts
D.
IP searches provide host, process, and organizational unit data without the need to write a query
According to the CrowdStrike Falcon Devices Add-on for Splunk Installation and Configuration Guide v3.1.5+, the IP Search tool allows you to search for an IP address and view a summary of information from Falcon events that contain that IP address1. The summary includes the hostname, sensor ID, OS, country, city, ISP, ASN, geolocation, process name, command line, and organizational unit of the host that communicated with that IP address1. This is an advantage of using the IP Search tool because it provides host, process, and organizational unit data without the need to write a query1.
Stefan
Thank you so much Cramkey I passed my exam today due to your highly up to date dumps.
OceanApr 4, 2026
Agree….Cramkey Dumps are constantly updated based on changes in the exams. They also have a team of experts who regularly review the materials to ensure their accuracy and relevance. This way, you can be sure you're studying the most up-to-date information available.
Walter
Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!
AngusApr 11, 2026
YES….. I saw the same questions in the exam.
Lennie
I passed my exam and achieved wonderful score, I highly recommend it.
EmeliaApr 23, 2026
I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!
Sam
Can I get help from these dumps and their support team for preparing my exam?
AudreyApr 6, 2026
Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!
