
CCFA Exam - Question 32


Which of the following is an effective Custom IOA rule pattern to kill any process attempting to access www.badguydomain.com?

Correct Answer: A

An effective Custom IOA rule pattern to kill any process attempting to access www.badguydomain.com should be able to capture any instance of the domain within various processes or commands. The pattern '.*badguydomain\.com.*' uses regular expressions to match any string containing 'badguydomain.com', regardless of what comes before or after it. This ensures that any process attempting to access www.badguydomain.com or any subdomains will be detected and handled appropriately.

Discussion

6 comments
sonian (Option: A)
Jan 28, 2023

The answer is A. You are using RegEx here and need leading ".*" to capture www and then need a ".*" at the end to identify any sites falling under badguydomain.com.

Roy_So (Option: A)
Feb 1, 2023

A is correct. Checked on lab.

plantvast (Option: C)
Jan 26, 2023

The syntax for C is correct and this would catch any process trying to reach out to the domain.

ShuliAbba
Jan 28, 2023

But where would you put this string - command, parent name, image file name?? I copied the string in option B to the command line and it suggested a few minor suggestions of "\" or "*"...

Dave071 (Option: A)
Mar 30, 2023

A is the correct answer. You can check the regular expression on a regex builder.

sbag0024 (Option: A)
Jun 14, 2023

A is correct.

DarkieCopy (Option: A)
Jul 19, 2023

A is correct. Syntax in \Device\HarddiskVolume2\*.exe -SingleArgument www.badguydomain.com /kill is incorrect (tested on UI)