Free CrowdStrike CrowdStrike-IDP Exam Questions

Become CrowdStrike Certified with updated CrowdStrike-IDP exam questions and correct answers

Page: 1 / 60

Total 300 Questions | Updated On: Jul 28, 2025

Add To Cart

Question 1

A company uses a scheduled task to run a proprietary script, DailyReportGenerator.ps1, which is repeatedly flagged by CrowdStrike as suspicious. The security team has verified that the task is safe and wants to prevent further detections while ensuring monitoring remains active for all other scheduled tasks. How should the team add an appropriate detection exclusion in CrowdStrike?

A : Add an exception for the specific scheduled task by its name and command-line arguments.

B : Create a detection exclusion for the hash of DailyReportGenerator.ps1.

C : Add a process exclusion for powershell.exe across all endpoints.

D : Exclude all scheduled tasks from detection alerts.

Answer: A

Question 2

You are tasked with generating a custom report in CrowdStrike to assist in planning a risk mitigation strategy. The report must focus on accounts exhibiting high-risk behaviors, such as excessive failed logins or abnormal activity patterns. Which configuration would best achieve this goal?

A : Filter by "Login Success Rate" and exclude all accounts with 100% successful logins.

B : Focus on accounts with password changes in the past 7 days to identify potential credential leaks.

C : Add a filter for "Behavior: Abnormal Activity" and display columns for "Risk Score" and "Event Count."

D : Include only accounts with MFA enabled to narrow the focus of the report.

Answer: C

Question 3

Which of the following behaviors is most likely to increase a user’s identity risk score?

A : Accessing sensitive data during business hours from a corporate device.

B : Using a personal email address for MFA verification.

C : Repeated failed login attempts within a short timeframe.

D : Logging in from a new geographic location.

Answer: C

Question 4

Your organization has recently experienced a series of phishing attacks targeting users in multiple domains. You are tasked with updating the "Goal" in the Domain Security Overview of CrowdStrike's Identity Protection platform to better address this threat. Which goal should you select?

A : Strengthen Kerberos Encryption

B : Detect Suspicious Authentication Activity

C : Enhance Password Hygiene

D : Ensure Secure Privileged Access

Answer: B

Question 5

The NIST Special Publication 800-207 defines a Zero Trust Architecture (ZTA) to enhance security through continuous verification and least privilege principles. According to this framework, which of the following best describes a key characteristic of Zero Trust?

A : Firewalls and VPNs alone are sufficient to establish Zero Trust security.

B : Zero Trust is an optional security approach that applies only to cloud-based architectures.

C : Implicit trust is granted to users and devices within the corporate network once authenticated.

D : Authentication and authorization are enforced at every access request, regardless of the network location.

Answer: D

Page: 1 / 60

Total 300 Questions | Updated On: Jul 28, 2025

Add To Cart