Spring Sale 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

ExamsBrite Dumps

CrowdStrike Certified Identity Specialist(CCIS) Exam Question and Answers

CrowdStrike Certified Identity Specialist(CCIS) Exam

Last Update Feb 22, 2026
Total Questions : 58

We are offering FREE IDP CrowdStrike exam questions. All you do is to just go and sign up. Give your details, prepare IDP free exam questions and then go for complete pool of CrowdStrike Certified Identity Specialist(CCIS) Exam test questions that will help you more.

IDP pdf

IDP PDF

$36.75  $104.99
 Add to Cart
IDP Engine

IDP Testing Engine

$43.75  $124.99
 Add to Cart
IDP PDF + Engine

IDP PDF + Testing Engine

$57.75  $164.99
 Add to Cart
Questions 1

What setting can be switched under the Domain Security Overview for each Active Directory domain and/or Azure tenant?

Options:

A.  

Privileged Identities

B.  

Domains

C.  

Goal

D.  

Scope

Discussion 0
Questions 2

By using compromised credentials, threat actors are able to bypass theExecutionphase of the MITRE ATT&CK framework and move directly into:

Options:

A.  

Initial Access

B.  

Weaponization

C.  

Discovery

D.  

Lateral Movement

Discussion 0
Questions 3

Falcon Identity Protection can continuously assess identity events and associate them with potential threatsWITHOUTwhich of the following?

Options:

A.  

Machine-learning-powered detection rules

B.  

API-based connectors

C.  

Ingesting logs

D.  

The need for string-based queries

Discussion 0
Questions 4

The NIST SP 800-207 framework for Zero Trust Architecture defines validation and authentication standards for users in which network locations?

Options:

A.  

Only those users inside the network

B.  

Only those users accessing the network remotely over VPN

C.  

All users both inside and outside of the network

D.  

Only those users outside the network

Discussion 0
Questions 5

What is the recommended action for the"Guest Account Enabled"risk?

Options:

A.  

Add related endpoints to a watchlist

B.  

Apply a policy rule with an "Access" trigger and "Block" action on the Guest account

C.  

Disable Guest accounts on all endpoints

D.  

Disable the endpoint in Active Directory

Discussion 0
Questions 6

How many days will an identity-based incident be suppressed if new events related to the same incident occur?

Options:

A.  

30 days

B.  

7 days

C.  

14 days

D.  

5 days

Discussion 0
Questions 7

In the Predefined ReportsSubjectdropdown, which category is associated with endpoints?

Options:

A.  

Insights

B.  

Events

C.  

Incidents

D.  

Accounts

Discussion 0
Questions 8

Any countries or regions included in the _ will trigger a geolocation detection.

Options:

A.  

Blocklist

B.  

Allowlist

C.  

Dictionary

D.  

Exclusion

Discussion 0
Questions 9

Within which Identity Protection menu would an administrator enableAuthentication Traffic Inspection (ATI)for a domain?

Options:

A.  

Configure > Settings

B.  

Enforce > Policy Rules

C.  

Enforce > Policy Settings

D.  

Configure > Identity Configuration Policies

Discussion 0
Questions 10

Considering the following example, what MITRE ATT&CK tactic would you use to complete the workflow?

Options:

A.  

Initial Access

B.  

Credential Access

C.  

Lateral Movement

D.  

Privilege Escalation

Discussion 0
Questions 11

Which of the following isNOTa default insight but can be created with a custom insight?

Options:

A.  

Using Unmanaged Endpoints

B.  

GPO Exposed Password

C.  

Compromised Password

D.  

Poorly Protected Accounts with SPN

Discussion 0
Questions 12

When creating an API client, which scope withWritepermissions must be enabled prior to using Identity Protection API?

Options:

A.  

Identity Protection Assessment

B.  

Identity Protection Health

C.  

There is no need for Write permissions in order to use IDP API

D.  

Identity Protection GraphQL

Discussion 0
Questions 13

Which of the following demonstrates a detection is enabled?

Options:

A.  

The toggle next to the Detection Enabled is marked in gray

B.  

The toggle next to the Detection Enabled is marked in green

C.  

The detection has a Disabled tag next to it

D.  

The detection has an Enabled tag next to it

Discussion 0
Questions 14

Which menu option isNOTincluded in Falcon Identity Threat Detection (ITD)?

Options:

A.  

Event Analysis

B.  

Settings

C.  

Privileged Identities

D.  

Policy Rules

Discussion 0
Questions 15

When creating an API key, which scope should be selected to retrieve Identity Protection detection and incident information?

Options:

A.  

Identity Protection Detections

B.  

Identity Protection Incidents

C.  

Identity Protection Assessment

D.  

Identity Protection Data

Discussion 0
Questions 16

Within Domain Security Overview, whatGoalincorporates all risks into one security assessment report?

Options:

A.  

Pen Testing

B.  

AD Hygiene

C.  

Reduce Attack Surface

D.  

Privileged User Management

Discussion 0
Questions 17

When an endpoint that has not been used in the last90 daysbecomes active, a detection forUse of Stale Endpointis reported.

Options:

A.  

180 days

B.  

90 days

C.  

30 days

D.  

60 days

Discussion 0