According to the CrowdStrike Falcon Devices Add-on for Splunk Installation and Configuration Guide v3.1.5+, Reduced Functionality Mode (RFM) is a state where a host’s sensor has limited functionality due to various reasons, such as license expiration, network issues, tampering attempts, etc1. You can find hosts that are in RFM by using the Host Search tool and filtering by Sensor Status = RFM1. You can also view details about why a host is in RFM by clicking on its hostname1.
Question 9
A list of managed and unmanaged neighbors for an endpoint can be found:
Options:
A.
by using Hosts page in the Investigate tool
B.
by reviewing "Groups" in Host Management under the Hosts page
C.
under "Audit" by running Sensor Visibility Exclusions Audit
According to the CrowdStrike Falcon® Data Replicator (FDR) Add-on for Splunk Guide, you can use the Hosts page in the Investigate tool to view information about your endpoints, such as hostname, IP address, OS, sensor version, etc2. You can also see a list of managed and unmanaged neighbors for each endpoint, which are other devices that have communicated with that endpoint over the network2. This can help you identify potential threats or vulnerabilities in your network2.
Question 10
The function of Machine Learning Exclusions is to___________.
Options:
A.
stop all detections for a specific pattern ID
B.
stop all sensor data collection for the matching path(s)
C.
Stop all Machine Learning Preventions but a detection will still be generated and files will still be uploaded to the CrowdStrike Cloud
D.
stop all ML-based detections and preventions for the matching path(s) and/or stop files from being uploaded to the CrowdStrike Cloud
According to the CrowdStrike Falcon® Data Replicator (FDR) Add-on for Splunk Guide, Machine Learning Exclusions allow you to exclude files or directories from being scanned by CrowdStrike’s machine learning engine, which can reduce false positives and improveperformance2. You can also choose whether to upload the excluded files to the CrowdStrike Cloud or not2.
Aryan
Absolutely rocked! They are an excellent investment for anyone who wants to pass the exam on the first try. They save you time and effort by providing a comprehensive overview of the exam content, and they give you a competitive edge by giving you access to the latest information. So, I definitely recommend them to new students.
JessieJan 17, 2026
did you use PDF or Engine? Which one is most useful?
Reeva
Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.
AmariJan 6, 2026
Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.
Nia
Why are these Dumps so important for students these days?
MaryJan 18, 2026
With the constantly changing technology and advancements in the industry, it's important for students to have access to accurate and valid study material. Cramkey Dumps provide just that. They are constantly updated to reflect the latest changes and ensure that the information is up-to-date.
Robin
Cramkey is highly recommended.
JonahJan 6, 2026
Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!
Question 11
What is an advantage of using the IP Search tool?
Options:
A.
IP searches provide manufacture and timezone data that can not be accessed anywhere else
B.
IP searches allow for multiple comma separated IPv6 addresses as input
C.
IP searches offer shortcuts to launch response actions and network containment on target hosts
D.
IP searches provide host, process, and organizational unit data without the need to write a query
According to the CrowdStrike Falcon Devices Add-on for Splunk Installation and Configuration Guide v3.1.5+, the IP Search tool allows you to search for an IP address and view a summary of information from Falcon events that contain that IP address1. The summary includes the hostname, sensor ID, OS, country, city, ISP, ASN, geolocation, process name, command line, and organizational unit of the host that communicated with that IP address1. This is an advantage of using the IP Search tool because it provides host, process, and organizational unit data without the need to write a query1.
