CrowdStrike Certified Falcon Administrator (CCFA) — Question 25

Custom IOA rules are defined using which syntax?

Answer options

• A. Glob
• B. PowerShell
• C. Yara
• D. Regex

Correct answer: D

Explanation

The correct answer is D, Regex, as it is specifically designed for pattern matching and is commonly used in defining custom IOA rules. Options A (Glob), B (PowerShell), and C (Yara) do not provide the same level of flexibility or specificity required for this purpose.