CrowdStrike Certified Security Engineer (CCSE) — Question 5

What are the four required CPS-compliant Event parser tags?

Answer options

• A. event.category event.kind event.module event.outcome
• B. event.category event.dataset event.kind event.outcome
• C. event.dataset event.kind event.module event.outcome

Correct answer: B

Explanation

Option B is correct because it includes all four required tags for CPS compliance: event.category, event.dataset, event.kind, and event.outcome. Options A and C are incorrect as they either omit one of the necessary tags or include incorrect ones.