New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium CyberArk PAM-DEF Dumps Questions Answers

Page: 1 / 18
Total 239 questions

CyberArk Defender - PAM Questions and Answers

Question 1

Which PTA sensors are required to detect suspected credential theft?

Options:

A.

Logs, Vault Logs

B.

Logs, Network Sensor, Vault Logs

C.

Logs, PSM Logs, CPM Logs

D.

Logs, Network Sensor, EPM

Buy Now
Question 2

A Logon Account can be specified in the Master Policy.

Options:

A.

TRUE

B.

FALSE

Question 3

Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)

Options:

A.

Store the CD in a physical safe and mount the CD every time Vault maintenance is performed

B.

Copy the entire contents of the CD to the system Safe on the Vault

C.

Copy the entire contents of the CD to a folder on the Vault Server and secure it with NTFS permissions

D.

Store the server key in a Hardware Security Module (HSM) and copy the rest the keys from the CD to a folder on the Vault Server and secure it with NTFS permissions

Question 4

Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.

Options:

A.

TRUE

B.

FALSE

Question 5

Which command generates a full backup of the Vault?

Options:

A.

PAReplicate.exe Vault.ini /LogonFromFile user.ini /FullBackup

B.

PAPreBackup.exe C:\PrivateArk\Server\Conf\Vault.ini Backup/Asdf1234 /full

C.

PARestore.exe PADR ini /LogonFromFile vault.ini /FullBackup

D.

CAVaultManager.exe RecoverBackupFiles /BackupPoolName BkpSvr1

Question 6

Where can a user with the appropriate permissions generate a report? (Choose two.)

Options:

A.

PVWA > Reports

B.

PrivateArk Client

C.

Cluster Vault Manager

D.

PrivateArk Server Monitor

E.

PARClient

Question 7

A new HTML5 Gateway has been deployed in your organization.

From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.

Options:

Question 8

When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?

Options:

A.

Platform

B.

Connection Component

C.

CPM

D.

Vault

Question 9

When are external vault users and groups synchronized by default?

Options:

A.

They are synchronized once every 24 hours between 1 AM and 5 AM. Most Voted

B.

They are synchronized once every 24 hours between 7 PM and 12 AM.

C.

They are synchronized every 2 hours.

D.

They are not synchronized according to a specific schedule.

Question 10

CyberArk recommends implementing object level access control on all Safes.

Options:

A.

True

B.

False

Question 11

Match each PTA alert category with the PTA sensors that collect the data for it.

Options:

Question 12

Which statement about the Master Policy best describes the differences between one-time password and exclusive access functionality?

Options:

A.

Exclusive access means that only a specific group of users may use the account. After an account on a one-time password platform is used, the account is deleted from the safe automatically.

B.

Exclusive access locks the account indefinitely. One-time password can be used replace invalid account passwords.

C.

Exclusive access is enabled by default in the Master Policy. One-time password should only be enabled for emergencies.

D.

Exclusive access allows only one person to check-out an account at a time. One-time password schedules an account for a password change after the MinValidityPeriod period expires.

Question 13

Which Automatic Remediation is configurable for a PTA detection of a “Suspected Credential Theft”?

Options:

A.

Add to Pending

B.

Rotate Credentials

C.

Reconcile Credentials

D.

Disable Account

Question 14

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.

Which safe permission do you need to grant Operations Staff? Check all that apply.

Options:

A.

Use Accounts

B.

Retrieve Accounts

C.

Authorize Password Requests

D.

Access Safe without Authorization

Question 15

Match the connection component to the corresponding OS/Function.

Options:

Question 16

Select the best practice for storing the Master CD.

Options:

A.

Copy the files to the Vault server and discard the CD

B.

Copy the contents of the CD to a Hardware Security Module (HSM) and discard the CD

C.

Store the CD in a secure location, such as a physical safe

D.

Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder secured with NTFS permissions on the Vault

Question 17

As long as you are a member of the Vault Admins group you can grant any permission on any safe.

Options:

A.

TRUE

B.

FALSE

Question 18

Within the Vault each password is encrypted by:

Options:

A.

the server key

B.

the recovery public key

C.

the recovery private key

D.

its own unique key

Question 19

Due to corporate storage constraints, you have been asked to disable session monitoring and recording for 500 testing accounts used for your lab environment.

How do you accomplish this?

Options:

A.

Master Policy>select Session Management>add Exceptions to the platform(s)>disable Session Monitoring and Recording policies

B.

Administration>Platform Management>select the platform(s)>disable Session Monitoring and Recording Most Voted

C.

Polices>Access Control (Safes)>select the safe(s)>disable Session Monitoring and Recording policies

D.

Administration>Configuration Options>Options>select Privilege Session Management>disable Session Monitoring and Recording policies

Question 20

A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.

What is the correct location to identify users or groups who can approve?

Options:

A.

PVWA> Administration > Platform Configuration > Edit Platform > UI & Workflow > Dual Control> Approvers

B.

PVWA> Policies > Access Control (Safes) > Safe Members > Workflow > Authorize Password Requests

C.

PVWA> Account List > Edit > Show Advanced Settings > Dual Control > Direct Managers

D.

PrivateArk > Admin Tools > Users and Groups > Auditors (Group Membership)

Question 21

Which service should NOT be running on the DR Vault when the primary Production Vault is up?

Options:

A.

PrivateArk Database

B.

PrivateArk Server

C.

CyberArk Vault Disaster Recovery (DR) service

D.

CyberArk Logical Container

Question 22

An auditor needs to login to the PSM in order to live monitor an active session. Which user ID is used to establish the RDP connection to the PSM server?

Options:

A.

PSMConnect

B.

PSMMaster

C.

PSMGwUser

D.

PSMAdminConnect

Question 23

Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

Options:

A.

Require dual control password access Approval

B.

Enforce check-in/check-out exclusive access

C.

Enforce one-time password access

D.

Enforce check-in/check-out exclusive access & Enforce one-time password access

Question 24

Which parameters can be used to harden the Credential Files (CredFiles) while using CreateCredFile Utility? (Choose three.)

Options:

A.

Operating System Username

B.

Host IP Address

C.

Client Hostname

D.

Operating System Type (Linux/Windows/HP-UX)

E.

Vault IP Address

F.

Time Frame

Question 25

Which master policy settings ensure non-repudiation?

Options:

A.

Require password verification every X days and enforce one-time password access.

B.

Enforce check-in/check-out exclusive access and enforce one-time password access.

C.

Allow EPV transparent connections ('Click to connect') and enforce check-in/check-out exclusive access.

D.

Allow EPV transparent connections ('Click to connect') and enforce one-time password access.

Question 26

By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?

Options:

A.

Vault Admins

B.

Security Admins

C.

Security Operators

D.

Auditors

Question 27

As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.

Options:

A.

TRUE

B.

FALSE

Question 28

When on-boarding account using Accounts Feed, Which of the following is true?

Options:

A.

You must specify an existing Safe where are account will be stored when it is on boarded to the Vault

B.

You can specify the name of a new sale that will be created where the account will be stored when it is on-boarded to the Vault.

C.

You can specify the name of a new Platform that will be created and associated with the account

D.

Any account that is on boarded can be automatically reconciled regardless of the platform it is associated with.

Question 29

Which methods can you use to add a user directly to the Vault Admin Group? (Choose three.)

Options:

A.

REST API

B.

PrivateArk Client

C.

PACLI

D.

PVWA

E.

Active Directory

F.

Sailpoint

Question 30

Match each component to its respective Log File location.

Options:

Question 31

Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.

Options:

A.

TRUE

B.

FALSE

Question 32

In a default CyberArk installation, which group must a user be a member of to view the “reports” page in PVWA?

Options:

A.

PVWAMonitor

B.

ReportUsers

C.

PVWAReports

D.

Operators

Question 33

Where can you check that the LDAP binding is using TCP/636?

Options:

A.

in Active Directory under "Users OU" => "User Properties" => "External Bindings" => "Port"

B.

in PVWA, under "LDAP Integration" => "LDAP" => "Directories" => "" => "Hosts" => "Host"

C.

in PrivateArk Client, under "Tools" => "Administrative Tools" => "Directory Mapping" => ""

D.

From the PVWA, connect to the domain controller using Test-NetConnection on Port 636.

Question 34

PSM captures a record of each command that was executed in Unix.

Options:

A.

TRIE

B.

FALSE

Question 35

You created a new platform by duplicating the out-of-box Linux through the SSH platform.

Without any change, which Text Recorder Type(s) will the new platform support? (Choose two.)

Options:

A.

SSH Text Recorder

B.

Universal Keystrokes Text Recorder

C.

Events Text Recorder

D.

SQL Text Recorder

E.

Telnet Commands Text Recorder

Question 36

When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online.

Options:

A.

True; this is the default behavior

B.

False; this is not possible

C.

True, if the AllowFailback setting is set to “yes” in the padr.ini file

D.

True, if the AllowFailback setting is set to “yes” in the dbparm.ini file

Question 37

Which user(s) can access all passwords in the Vault?

Options:

A.

Administrator

B.

Any member of Vault administrators

C.

Any member of auditors

D.

Master

Question 38

You are onboarding 5,000 UNIX root accounts for rotation by the CPM. You discover that the CPM is unable to log in directly with the root account and will need to use a secondary account.

How should this be configured to allow for password management using least privilege?

Options:

A.

Configure each CPM to use the correct logon account.

B.

Configure each CPM to use the correct reconcile account.

C.

Configure the UNIX platform to use the correct logon account.

D.

Configure the UNIX platform to use the correct reconcile account.

Question 39

Refer to the exhibit.

Why is user "EMEALevel2Support" unable to change the password for user "Operator"?

Options:

A.

EMEALevel2Support’s hierarchy level is not the same or higher than Operator.

B.

EMEALevel2Support does not have the "Manage Directory Mapping" role.

C.

Operator can only be reset by the Master user.

D.

EMEALevel2Support does not have rights to reset passwords for other users.

Question 40

Secure Connect provides the following. Choose all that apply.

Options:

A.

PSM connections to target devices that are not managed by CyberArk.

B.

Session Recording

C.

Real-time live session monitoring.

D.

PSM connections from a terminal without the need to login to the PVWA

Question 41

You need to enable the PSM for all platforms.

Where do you perform this task?

Options:

A.

Platform Management > (Platform) > UI & Workflows

B.

Master Policy > Session Management

C.

Master Policy > Privileged Access Workflows

D.

Administration > Options > Connection Components

Question 42

To ensure all sessions are being recorded, a CyberArk administrator goes to the master policy and makes configuration changes.

Which configuration is correct?

Options:

A.

Require privileged session monitoring and isolation = inactive; Record and save session activity = active.

B.

Require privileged session monitoring and isolation = inactive; Record and save session activity = inactive.

C.

Require privileged session monitoring and isolation = active; Record and save session activity = active.

D.

Require privileged session monitoring and isolation = active; Record and save session activity = inactive.

Question 43

In PVWA, you are attempting to play a recording made of a session by user jsmith, but there is no option to “Fast Forward” within the video. It plays and only allows you to skip between commands instead. You are also unable to download the video.

What could be the cause?

Options:

A.

Recording is of a PSM for SSH session.

B.

The browser you are using is out of date and needs an update to be supported.

C.

You do not have the “View Audit” permission on the safe where the account is stored.

D.

You need to update the recorder settings in the platform to enable screen capture every 10000 ms or less.

Question 44

You have been asked to turn off the time access restrictions for a safe.

Where is this setting found?

Options:

A.

PrivateArk

B.

RestAPI

C.

Password Vault Web Access (PVWA)

D.

Vault

Question 45

Match the log file name with the CyberArk Component that generates the log.

Options:

Question 46

You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.

Where do you update this permission for all auditors?

Options:

A.

Private Ark Client > Tools > Administrative Tools > Directory Mapping > Vault Authorizations

B.

Private Ark Client > Tools > Administrative Tools > Users and Groups > Auditors > Authorizations tab

C.

PVWA User Provisioning > LDAP integration > Vault Auditors Mapping > Vault Authorizations

D.

PVWA> Administration > Configuration Options > LDAP integration > Vault Auditors Mapping > Vault Authorizations

Question 47

The Active Directory User configured for Windows Discovery needs which permission(s) or membership?

Options:

A.

Member of Domain Admin Group

B.

Member of LDAP Admin Group

C.

Read and Write Permissions

D.

Read Only Permissions

Question 48

You are logging into CyberArk as the Master user to recover an orphaned safe.

Which items are required to log in as Master?

Options:

A.

Master CD, Master Password, console access to the Vault server, Private Ark Client

B.

Operator CD, Master Password, console access to the PVWA server, PVWA access

C.

Operator CD, Master Password, console access to the Vault server, Recover.exe

D.

Master CD, Master Password, console access to the PVWA server, Recover.exe

Question 49

To use PSM connections while in the PVWA, what are the minimum safe permissions a user or group will need?

Options:

A.

List Accounts, Use Accounts

B.

List Accounts, Use Accounts, Retrieve Accounts

C.

Use Accounts

D.

List Accounts, Use Accounts, Retrieve Accounts, Access Safe without confirmation

Question 50

What is the purpose of the HeadStartlnterval setting m a platform?

Options:

A.

It determines how far in advance audit data is collected tor reports

B.

It instructs the CPM to initiate the password change process X number of days before expiration.

C.

It instructs the AIM Provider to ‘skip the cache' during the defined time period

D.

It alerts users of upcoming password changes x number of days before expiration.

Question 51

What must you specify when configuring a discovery scan for UNIX? (Choose two.)

Options:

A.

Vault Administrator

B.

CPM Scanner

C.

root password for each machine

D.

list of machines to scan

E.

safe for discovered accounts

Question 52

You have been asked to turn off the time access restrictions for a safe.

Where is this setting found?

Options:

A.

PrivateArk Client

B.

RestAPI

C.

PVWA

D.

Vault

Question 53

Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.

Which steps should you perform to restore DR replication to normal?

Options:

A.

Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

B.

Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

C.

Shutdown PrivateArk Server on Primary Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

D.

Shutdown PrivateArk Server on DR Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

Question 54

You want to give a newly-created group rights to review security events under the Security pane. You also want to be able to update the status of these events.

Where must you update the group to allow this?

Options:

A.

in the PTAAuthorizationGroups parameter, found in Administration > Options > PTA

B.

in the PTAAuthorizationGroups parameter, found in Administration > Options > General

C.

in the SecurityEventsAuthorizationGroups parameter, found in Administration > Security > Options

D.

in the SecurityEventsFeedAuthorizationGroups parameter, found in Administration > Options > General

Question 55

What is required to enable access over SSH to a Unix account through both PSM and PSMP?

Options:

A.

The platform must contain connection components for PSM-SSH and PSMP-SSH.

B.

PSM and PSMP must already have stored the SSH Fingerprint for the Unix host.

C.

The 'Enable PSMP' setting in the Unix platform must be set to Yes.

D.

A duplicate platform (Called) with the PSMP settings must be created.

Question 56

It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur

Options:

A.

TRUE

B.

FALSE

Question 57

Which file must be edited on the Vault to configure it to send data to PTA?

Options:

A.

dbparm.ini

B.

PARAgent.ini

C.

my.ini

D.

padr.ini

Question 58

It is possible to control the hours of the day during which a user may log into the vault.

Options:

A.

TRUE

B.

FALSE

Question 59

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

Options:

A.

True

B.

False

Question 60

Match the built-in Vault User with the correct definition.

Options:

Question 61

PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.

Options:

A.

True

B.

False, the PTA can suspend sessions whether the session is made via the PSM or not

Question 62

You are configuring CyberArk to use HTML5 gateways exclusively for PSM connections.

In the PVWA, where do you set DefaultConnectionMethod to HTML5?

Options:

A.

Options > Privileged Session Management UI

B.

Options > Privileged Session Management

C.

Options > Privileged Session Management Defaults

D.

Options > Privileged Session Management Interface

Question 63

Match the Status of Service on a DR Vault to what is displayed when it is operating normally in Replication mode.

Options:

Question 64

Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

Options:

A.

TRUE

B.

FALSE

Question 65

Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.

Options:

A.

Discovery and Audit (DMA)

B.

Auto Detection (AD)

C.

Export Vault Data (EVD)

D.

On Demand Privileges Manager (OPM)

E.

Accounts Discovery

Question 66

VAULT authorizations may be granted to_____.

Options:

A.

Vault Users

B.

Vault Groups

C.

LDAP Users

D.

LDAP Groups

Question 67

What are the minimum permissions to add multiple accounts from a file when using PVWA bulk-upload? (Choose three.)

Options:

A.

add accounts

B.

rename accounts

C.

update account content

D.

update account properties

E.

view safe members

F.

add safes

Question 68

The Privileged Access Management solution provides an out-of-the-box target platform to manage SSH keys, called UNIX Via SSH Keys.

How are these keys managed?

Options:

A.

CyberArk stores Private keys in the Vault and updates Public keys on target systems.

B.

CyberArk stores Public keys in the Vault and updates Private keys on target systems.

C.

CyberArk does not store Public or Private keys and instead uses a reconcile account to create keys on demand.

D.

CyberArk stores both Private and Public keys and can update target systems with either key.

Question 69

What is the chief benefit of PSM?

Options:

A.

Privileged session isolation

B.

Automatic password management

C.

Privileged session recording

D.

‘Privileged session isolation’ and ‘Privileged session recording’

Question 70

A new colleague created a directory mapping between the Active Directory groups and the Vault.

Where can the newly Configured directory mapping be tested?

Options:

A.

Connect to the Active Directory and ensure the organizational unit exists.

B.

Connect to Sailpoint (or similar tool) to ensure the organizational unit is correctly named; log in to the PVWA with "Administrator" and confirm authentication succeeds.

C.

Search for members that exist only in the mapping group to grant them safe permissions through the PVWA.

D.

Connect to the PrivateArk Client with the Administrator Account to see if there is a user in the Vault Admin Group.

Question 71

Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support.

Which logs will help the CyberArk Support Team debug the issue? (Choose three.)

Options:

A.

PSMConsole.log

B.

PSMDebug.log

C.

PSMTrace.log

D.

.Component.log

E.

PMconsole.log

F.

ITAlog.log

Question 72

What are the mandatory fields when onboarding from Pending Accounts? (Choose two.)

Options:

A.

Address

B.

Safe

C.

Account Description

D.

Platform

E.

CPM

Page: 1 / 18
Total 239 questions