Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike Exam CCFA-200 Topic 10 Question 18 Discussion

Actual exam question for CrowdStrike's CCFA-200 exam
Question #: 18
Topic #: 10
[All CCFA-200 Questions]

Which of the following is an effective Custom IOA rule pattern to kill any process attempting to access www.badguydomain.com?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Serina at Apr 01, 2023, 10:12 AM

Limited Time Offer

25%

Off

Get Premium CCFA-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Layla
3 days ago
I think option B is the correct answer. It looks like a comprehensive rule that can kill any process trying to access the bad domain.
upvoted 0 times
...
Barrie
13 days ago
Hmm, that makes sense too. Let's see what others think before we finalize our answer.
upvoted 0 times
...
Mona
13 days ago
I disagree, I believe the correct answer is A) .*badguydomain.com.* because it covers any process attempting to access the domain.
upvoted 0 times
...
Barrie
16 days ago
I think the answer is B) \Device\HarddiskVolume2\*.exe -SingleArgument www.badguydomain.com /kill.
upvoted 0 times
...

Save Cancel