CyberArk Defender v1.0

Page:    1 / 12   
Exam contains 183 questions

What is the maximum number of levels of authorizations you can set up in Dual Control?

  • A. 1
  • B. 2
  • C. 3
  • D. 4


Answer : B

As long as you are a member of the Vault Admins group you can grant any permission on any safe.

  • A. TRUE
  • B. FALSE


Answer : B

In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

  • A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account of the target serverג€™s root account.
  • B. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target serverג€™s root account.
  • C. Configure the Unix system to allow SSH logins.
  • D. Configure the CPM to allow SSH logins.


Answer : B

Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply.)

  • A. The PSM software must be installed on the target server.
  • B. PSM must be enabled in the Master Policy (either directly, or through exception).
  • C. PSMConnect must be added as a local user on the target server.
  • D. RDP must be enabled on the target server.


Answer : C

The Password upload utility can be used to create safes.

  • A. TRUE
  • B. FALSE


Answer : A

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Password-Upload-Utility.htm

Which CyberArk components products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? (Choose all that apply.)

  • A. Discovery and Audit (DNA)
  • B. Auto Detection (AD)
  • C. Export Vault Data (EVD)
  • D. On Demand Privileges manager (OPM)
  • E. Accounts Discovery


Answer : AE

A Reconcile Account can be specified in the Master Policy.

  • A. TRUE
  • B. FALSE


Answer : B

In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

  • A. True.
  • B. False. Because the user can also enter credentials manually using Secure Connect.
  • C. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
  • D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.


Answer : B

SAFE Authorizations may be granted to _________________. (Choose all that apply.)

  • A. Vault Users
  • B. Vault Groups
  • C. LDAP Users
  • D. LDAP Groups


Answer : A

Secure Connect provides the following features. (Choose all that apply.)

  • A. PSM connections to target devices that are not managed by CyberArk.
  • B. Session Recording.
  • C. real-time live session monitoring.
  • D. PSM connections from a terminal without the need to login to the PVWA.


Answer : ABC

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Connecting-with-Secure-Connect.htm

Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?

  • A. Accounts Discovery
  • B. Auto Detection
  • C. Onboarding RestAPI functions
  • D. PTA Rules


Answer : B

What is the purpose of a linked account?

  • A. To ensure that a particular collection of accounts all have the same password.
  • B. To ensure a particular set of accounts all change at the same time.
  • C. To connect the CPNI to a target system.
  • D. To allow more than one account to work together as part of a password management process.


Answer : D

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Linked-Accounts.htm

Which of the following PTA detections are included in the Core PAS offering?

  • A. Suspected Credential Theft
  • B. Over-Pass-The Hash
  • C. Golden Ticket
  • D. Unmanaged Privileged Access


Answer : D

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/What-Does-PTA-Detect.htm

One can create exceptions to the Master Policy based on ____________________.

  • A. Safes
  • B. Platforms
  • C. Policies
  • D. Accounts


Answer : D

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/The-Master-Policy.htm

The vault supports Role Based Access Control.

  • A. TRUE
  • B. FALSE


Answer : B

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object-Level-Access-Control.htm

Page:    1 / 12   
Exam contains 183 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.