Free CrowdStrike CrowdStrike-IDP Exam Questions

Become CrowdStrike Certified with updated CrowdStrike-IDP exam questions and correct answers

Page: 1 / 60

Total 300 Questions | Updated On: Dec 17, 2025

Add To Cart

Question 1

Which file format and structure is required to successfully upload a custom list of compromised passwords to the CrowdStrike Compromised Password directory?

A : JSON file with each password as a key-value pair.

B : XML file structured with tags for each entry.

C : Plain text file with one password per line.

D : CSV file with a single column labeled "Compromised Passwords" and passwords listed under it.

Answer: D

Question 2

Falcon Identity Protection introduces a log-free detection approach that differs from traditional Endpoint Detection and Response (EDR) solutions. Which of the following best describes a key advantage of Falcon Identity Protection’s log-free detection mechanism compared to traditional EDR solutions?

A : It completely replaces endpoint telemetry, making EDR solutions unnecessary for security operations.

B : It provides real-time identity threat detection without relying on endpoint logs, reducing latency in threat response.

C : It only works with Windows-based endpoints and does not support cross-platform environments.

D : It only detects threats within the organization’s network perimeter, making it ineffective against cloud-based identity threats.

Answer: B

Question 3

In the context of potential risk factors related to identity, what does the "Severity" component assess?

A : The number of identities impacted by a breach

B : The likelihood that a vulnerability will be exploited

C : The probability that an attack will occur

D : The impact of a potential security breach if the risk materializes

Answer: D

Question 4

What is the primary role of Falcon Identity Protection's domain controller integration in inspecting traffic for identity protection?

A : To passively monitor authentication traffic without disrupting domain operations.

B : To block all unauthenticated traffic before it reaches the domain controller.

C : To replace traditional domain controller authentication mechanisms with Falcon's proprietary protocols.

D : To decrypt all SSL/TLS traffic in the domain for inspection.

Answer: A

Question 5

You are using Falcon Identity Protection to monitor the behavior of users and detect potential identity-based threats. Which of the following correctly describes the primary focus of the Monitor menu within Falcon Identity Protection?

A : It provides a dashboard displaying user activity, login patterns, and potential identity threats in real time.

B : It contains tools for managing integrations with third-party SIEM and SOAR platforms.

C : It is used to configure enforcement policies to mitigate identity-based threats automatically.

D : It lists all integrated identity providers and allows the configuration of sync settings for user data.

Answer: A

Page: 1 / 60

Total 300 Questions | Updated On: Dec 17, 2025

Add To Cart