CrowdStrike Certified Security Engineer (CCSE) — Question 2

Which two tags are compliant with the CrowdStrike Parsing Standard (CPS)?

Answer options

• A. #event.type and #event.kind
• B. #vendor.name and #event.type
• C. #observer.type and #event.kind
• D. #observer.type and #vendor.name

Correct answer: A

Explanation

The correct answer is A, as both #event.type and #event.kind are specified in the CrowdStrike Parsing Standard. The other options contain tags that do not meet the CPS requirements, such as #vendor.name and #observer.type, which are not part of the compliant set.