New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CrowdStrike IDP Exam - Topic 8 Question 1 Discussion

Actual exam question for CrowdStrike's IDP exam
Question #: 1
Topic #: 8
[All IDP Questions]

Which of the following are NOT included within the three-dot menu on Identity-based Detections?

Which of the following are not included within the three-dot menu on Identity-based Detections?

Show Suggested Answer Hide Answer
Suggested Answer: B

In Falcon Identity Protection, the three-dot () action menu on an identity-based detection provides analysts with a limited set of actions that apply directly to the detection itself. According to the CCIS curriculum, these actions are designed to support investigation workflow, tuning, and documentation.

The supported actions in the detection-level three-dot menu include:

Edit status, which allows analysts to update the detection state (for example, New, In Progress, or Closed).

Add comment, which enables collaboration and documentation directly on the detection.

Add exclusion, where supported, to suppress future detections that match known benign behavior.

Add to Watchlist is not included in this menu because watchlists are applied to entities (such as users, service accounts, or endpoints), not to detections. Watchlists are managed from entity views or investigation workflows and are used to increase visibility and monitoring priority for specific identities---not to act on individual detections.

This distinction is emphasized in CCIS training to reinforce the separation between entity-centric actions and detection-centric actions. Because watchlists operate at the entity level, Option B is the correct and verified answer.


by Laticia at Jan 28, 2026, 07:17 AM

Limited Time Offer

25%

Off

Get Premium IDP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Beckie
8 days ago
I practiced a similar question, and I feel like "Add exclusion" might not be in the menu either.
upvoted 0 times
...
Bernardine
13 days ago
I think I remember that the three-dot menu has options like "Edit status" and "Add to Watchlist," but I'm not sure about "Add comment."
upvoted 0 times
...
Virgina
18 days ago
This is a good question. I'll need to pay close attention to the details in the image and make sure I understand which options are not included in the three-dot menu.
upvoted 0 times
...
Trinidad
23 days ago
Okay, I've studied the image and the options. I think I've got a good handle on this. Time to select the correct answer.
upvoted 0 times
...
Gerald
28 days ago
Hmm, I'm not totally sure about this one. I'll need to take a closer look at the image and think through each option carefully.
upvoted 0 times
...
Trinidad
1 month ago
The image is a bit small, but I think I can make it out. Let me double-check the options against what I see in the menu.
upvoted 0 times
...
Theodora
1 month ago
This looks like a straightforward multiple-choice question. I'll need to carefully review the options and compare them to the image to determine which ones are not included in the three-dot menu.
upvoted 0 times
...

Save Cancel