A security alert has been issued for an application running on your network that exploits a buffer overflow to compromise the application. The security alert specifies that client-to-server communication will contain the string "*~hack-man?" or the string "back*?/hat".

Which type of IPS custom signature is required to block the traffic?

A.
A signature attack object for each of the specified strings

B.
A compound attack object

C.
A protocol anomaly attack object

D.
A regular expression matching the identified strings