Free CrowdStrike CrowdStrike-IDP Exam Questions
Absolute Free CrowdStrike-IDP Exam Practice for Comprehensive Preparation
-
CrowdStrike CrowdStrike-IDP Exam Questions
-
Provided By: CrowdStrike
- Exam: CrowdStrike Certified Identity Specialist (CCIS)
- Certification: CrowdStrike Falcon
-
Total Questions: 240
-
Updated On: Feb 18, 2025
-
Rated: 4.9 |
-
Online Users: 480
-
Question 1
-
According to the NIST SP 800-207 framework, which of the following is a key capability that a Zero Trust Architecture should provide?
Answer: C
-
According to the NIST SP 800-207 framework, which of the following is a key capability that a Zero Trust Architecture should provide?
-
Question 2
-
Your organization plans to implement CrowdStrike to streamline identity management and secure access to cloud-based applications. The goal is to integrate with an existing Identity-as-a-Service (IDaaS) provider that already manages user authentication and role-based access. Which connector type should you configure to achieve this integration effectively?
Answer: D
-
Your organization plans to implement CrowdStrike to streamline identity management and secure access to cloud-based applications. The goal is to integrate with an existing Identity-as-a-Service (IDaaS) provider that already manages user authentication and role-based access. Which connector type should you configure to achieve this integration effectively?
-
Question 3
-
During a security review, a CrowdStrike Falcon Identity Threat Detection alert is triggered for a high-risk user attempting to access a sensitive application from an unusual geographic location. As a security analyst, you need to investigate the incident further using available pivots in the CrowdStrike console. Which of the following actions is the most appropriate first step for an identity-based investigation?
Answer: C
-
During a security review, a CrowdStrike Falcon Identity Threat Detection alert is triggered for a high-risk user attempting to access a sensitive application from an unusual geographic location. As a security analyst, you need to investigate the incident further using available pivots in the CrowdStrike console. Which of the following actions is the most appropriate first step for an identity-based investigation?
-
Question 4
-
A company uses a scheduled task to run a proprietary script, DailyReportGenerator.ps1, which is repeatedly flagged by CrowdStrike as suspicious. The security team has verified that the task is safe and wants to prevent further detections while ensuring monitoring remains active for all other scheduled tasks. How should the team add an appropriate detection exclusion in CrowdStrike?
Answer: A
-
A company uses a scheduled task to run a proprietary script, DailyReportGenerator.ps1, which is repeatedly flagged by CrowdStrike as suspicious. The security team has verified that the task is safe and wants to prevent further detections while ensuring monitoring remains active for all other scheduled tasks. How should the team add an appropriate detection exclusion in CrowdStrike?
-
Question 5
-
You are using Falcon Identity Protection to monitor the behavior of users and detect potential identity-based threats. Which of the following correctly describes the primary focus of the Monitor menu within Falcon Identity Protection?
Answer: A
-
You are using Falcon Identity Protection to monitor the behavior of users and detect potential identity-based threats. Which of the following correctly describes the primary focus of the Monitor menu within Falcon Identity Protection?