Question 7 - CCFA-200 Real Exam Questions [Jan 2026 Update]s

Q: 7

Your organization uses CrowdStrike Falcon and needs to minimize the risk of update-related downtime during business hours. You are tasked with configuring the sensor update policy to control the timing of update rollouts. Which setting will best allow you to control when updates are applied?

Options

Correct Answer:

Explanation

The "Update Schedule" setting, implemented in CrowdStrike Falcon as a "maintenance window," is the most direct and effective method for controlling when sensor updates are applied. This feature allows administrators to define specific days and time windows (e.g., weekends, overnight hours) during which updates are permitted to run. By configuring a schedule that falls outside of business hours, the organization can ensure that the potential performance impact or need for reboots associated with an update does not disrupt employee productivity, directly addressing the goal of minimizing downtime risk.

Why Incorrect

A. Adaptive Rollout: This is a general deployment strategy, not a specific Falcon setting. Phased rollouts in Falcon are managed using different update policies for different host groups, not by a single "adaptive" setting.

C. Delayed Release: This setting postpones the update for a fixed period (e.g., 7 days) after CrowdStrike releases it. It does not provide granular control over the specific time of day the update will be applied.

D. Manual Approval: This refers to manually selecting a specific sensor version for a policy. While it controls the initiation of an update, it does not control the precise timing of installation on endpoints, which could still occur during business hours without a configured schedule.

References

1. CrowdStrike Falcon® Platform Documentation

Host and sensor management

Section: Managing sensor update policies. The documentation details the configuration of Sensor Update Policies

including the "Schedule" section. It states

"To ensure sensor updates only happen during a specific time frame

like outside of business hours

you can enable and configure a maintenance window for a policy." This confirms that the schedule is the designated feature for controlling update timing.

2. CrowdStrike Support Portal

Article ID: 360043448391

Falcon Sensor Update Policy Maintenance Windows. This official support document explicitly describes the purpose of the feature: "Maintenance windows ensure sensor updates only happen during a specific time frame

like outside of business hours or on weekends... When an update is available for a host

it checks to see if it's inside a maintenance window. If it is

the sensor is updated. If not

it waits for the next available window." This directly supports the use of a schedule to control update timing.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE