CrowdStrike Certified Falcon Administrator CCFA-200 Question # 27 Topic 3 Discussion

CCFA-200 Exam Topic 3 Question 27 Discussion:

Question #: 27

Topic #: 3

Which of the following is an effective Custom IOA rule pattern to kill any process attempting to access www.badguydomain.com?

.*badguydomain.com.*

\Device\HarddiskVolume2\*.exe -SingleArgument www.badguydomain.com /kill

badguydomain\.com.*

Custom IOA rules cannot be created for domains

Get Premium CCFA-200 Questions

Actual exam question for CrowdStrike CCFA-200 exam by Quill18638 at Aug 3, 2025, 10:38:59 AM

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.