CrowdStrike
CCFA-200B · Question #241
CCFA-200B Question #241: Real Exam Question with Answer & Explanation
Sign in or unlock CCFA-200B to reveal the answer and full explanation for question #241. The question stem and answer options stay visible for context.
Question
You need to create a rule to block all process executions of Telegram in your environment. Which custom IOA rule configuration would accomplish this?
Options
- ACustom IOA rule configuration cannot block non-malicious binaries from executing
- BCustom IOA rule set to Block Execution on an Image Filename of .Telegram.
- CCustom IOA rule set to Monitor on an Image Filename of .Telegram.
- DCustom IOA rule set to Detect on an Image Filename of .Telegram.
Unlock CCFA-200B to see the answer
You've previewed enough free CCFA-200B questions. Unlock CCFA-200B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.