CrowdStrike CCSE - CrowdStrike Certified SIEM Engineer Exam
Page: 1 / 12
Total 60 questions
Question #1 (Topic: Exam A)
A Falcon Log Collector has been configured with 4 sinks of type memory, each having a queue size of 2GB.
What is the minimum memory requirement produced by this configuration?
What is the minimum memory requirement produced by this configuration?
A. 9 GB
B. 12 GB
C. 10 GB
D. 8 GB
Answer: C
Question #2 (Topic: Exam A)
Which default role will maintain least privilege and allow for creation and management of parsers?
A. NG SIEM Analyst
B. NG SIEM Security Lead
C. NG SIEM Administrator
D. NG SIEM Analyst – Read Only
Answer: B
Question #3 (Topic: Exam A)
What are the two types of connectors used to integrate data between third-party systems and Falcon?
A. Internal and External
B. Push and Pull
C. On-Prem and Cloud
D. Syslog and Application Programming Interface (API)
Answer: B
Question #4 (Topic: Exam A)
What is the first consideration when determining the necessary sizing requirements for log collector clients in a Next-Gen SIEM deployment?
A. The expected daily log volume from each data source
B. The available network bandwidth between the log collectors and the Next-Gen SIEM platform
C. The number of concurrent users accessing the Next-Gen SIEM console
D. The processing power and memory of the log collector host systems
Answer: A
Question #5 (Topic: Exam A)
What is the purpose of labels in Fleet Management?
A. Set passwords for collector instances
B. Categorize collectors for group configurations
C. Monitor network traffic
D. Assign IP addresses to collectors
Answer: B
