Knowledge check

Completed

Choose the best response for each of the questions below.

Check your knowledge

1.

Which is a valid remediation level?

Semi - require approval for any remediation

Semi - user accounts only

Semi - files only

2.

A security operations analyst needs to exclude a custom executable file c:\myapp\myapp.exe, which exclusion type should they use?

File

Extension

Folder

3.

In advanced features, which setting should be turned on to block files even if a third-party antivirus is used?

Enable EDR in block mode

Allow or block file

Automated Investigation

You must answer all questions before checking your work.