Crowdstrike
CCFH | CCFR | CCFA
Competencies
CrowdStrike Certified Falcon Administrators effectively manage the Falcon platform based on the risk profile of your business, including:
Effective user management
Deploying and managing the Falcon sensor
Configuring deployment and prevention policies based on business risk
Configuring allowlists, blocklists, and file-path exclusions
Conducting administrative reporting
CrowdStrike Certified Falcon Responders investigate, analyze and respond quickly to cyber incidents and active threats, including:
Initial triage of detections in the Falcon console
Managing filtering, grouping and assignment of detections
Performing investigation tasks
Conducting basic proactive hunting for atomic indicators across enterprise event data
CrowdStrike Certified Falcon Hunters investigate threats and security incidents by analyzing digital evidence, including:
Understanding all aspects of detection investigation
Navigating the Falcon console to perform queries and time-lining using Splunk event searching
Conducting search queries using Splunk Search Processing Language (SPL)