Exam CCFA topic 1 question 51 discussion

Actual exam question from CrowdStrike's CCFA
Question #: 51
Topic #: 1

Custom IOA rules are defined using which syntax?

  • A. Glob
  • B. PowerShell
  • C. Yara
  • D. Regex
Suggested Answer: D

Comments

CyberMacadamia
8 months, 2 weeks ago
Selected Answer: D
D - Regex checked in. UI under Endpoint Security > Configure > Custom IOA Rule Groups. Use REGEX
upvoted 1 times
...
sbag0024
1 year, 5 months ago
Selected Answer: D
D Regex. ML is Glob. IOA is Regex
upvoted 1 times
...
uday1985
1 year, 6 months ago
Selected Answer: D
When creating an IOA it's providing you with this link: Custom Intelligence via Indicator of Attack Regex guidelines https://falcon.crowdstrike.com/documentation/68/detection-and-prevention-policies#regex
upvoted 1 times
...
Pan1c
1 year, 7 months ago
I believe ML uses Glob, but IOA uses Regex. D.
upvoted 1 times
...
FerbOP
1 year, 7 months ago
Selected Answer: D
D - regex
upvoted 1 times
...
Belrose
1 year, 8 months ago
Selected Answer: D
From Documentation - Detection and Prevention Policies "The four different rule types provide unique detection parameters that can be configured using supported regex syntax in their fields."
upvoted 2 times
...
Belrose
1 year, 8 months ago
From Documentation --> Detection and Prevention Policies "The four different rule types provide unique detection parameters that can be configured using supported regex syntax in their fields." Right answer: D - Regex.
upvoted 1 times
...
im2ca
1 year, 8 months ago
Selected Answer: B
Regex syntax is used
upvoted 1 times
...
Lasitha20
1 year, 8 months ago
Selected Answer: A
Glob is the correct one. Answer is A
upvoted 1 times
...
ShuliAbba
1 year, 10 months ago
B is wrong! The correct answer is D - Regex. Verified on Falcon console.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted