CrowdStrike IDP Exam - Topic 8 Question 6 Discussion

Actual exam question for CrowdStrike's IDP exam

Question #: 6
Topic #: 8

[All IDP Questions]

The CISO of your organization recently read a report about the increased usage of identity brokers and is interested in finding a solution for the company. Which of the following makes Falcon Identity a valid solution for the organization?

AProvides the ability to audit and record sessions across multiple methods, such as SSH, RDP, and SMB

BFalcon Identity is able to be a middleware between Active Directory and a Human Resource Information System (HRIS)

CGives the organization the ability to proactively mitigate risks, as well as protect critical Active Directory infrastructure through Policy Rules

DAllows administrators to store and delegate passwords to application servers

Show Suggested Answer

Suggested Answer: C

Falcon Identity Protection is designed to address the growing threat of identity brokers, which act as intermediaries that abuse identity infrastructure to facilitate lateral movement, privilege escalation, and persistent access. The CCIS curriculum emphasizes that Falcon Identity Protection provides proactive identity risk mitigation rather than reactive session monitoring or password vaulting.

The platform continuously inspects authentication traffic and identity behavior across Active Directory and Azure AD environments, building behavioral baselines and identifying abnormal activity associated with brokered identity attacks. Through Policy Rules, organizations can automatically enforce controls such as blocking risky authentications, enforcing MFA, or triggering remediation workflows when identity abuse is detected.

The incorrect options describe capabilities associated with Privileged Access Management (PAM) or IAM middleware, which are not the focus of Falcon Identity Protection. Falcon does not record interactive sessions, act as an HRIS bridge, or store delegated credentials. Instead, it protects identity infrastructure by detecting and preventing identity misuse in real time.

This proactive enforcement model aligns directly with Zero Trust principles and makes Falcon Identity Protection a strong solution against identity broker activity. Therefore, Option C is the correct and verified answer.

by Alex at Mar 03, 2026, 05:20 AM

Limited Time Offer

25%

Off

Get Premium IDP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!