3 Months Free Update
3 Months Free Update
3 Months Free Update
Your organization has a requirement to allow users to “check out passwords” and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?
An auditor needs to login to the PSM in order to live monitor an active session. Which user ID is used to establish the RDP connection to the PSM server?
Customers who have the ‘Access Safe without confirmation’ safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
To manage automated onboarding rules, a CyberArk user must be a member of which group?
You are logging into CyberArk as the Master user to recover an orphaned safe.
Which items are required to log in as Master?
Which of the following files must be created or configured m order to run Password Upload Utility? Select all that apply.
If PTA is integrated with a supported SIEM solution, which detection becomes available?
You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.
Where do you update this permission for all auditors?
Which permissions are needed for the Active Directory user required by the Windows Discovery process?
Which certificate type do you need to configure the vault for LDAP over SSL?
If the AccountUploader Utility is used to create accounts with SSH keys, which parameter do you use to set the full or relative path of the SSH private key file that will be attached to the account?
To change the safe where recordings are kept for a specific platform, which setting must you update in the platform configuration?
It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
How much disk space do you need on a server to run a full replication with PAReplicate?
Which CyberArk group does a user need to be part of to view recordings or live monitor sessions?
When on-boarding account using Accounts Feed, Which of the following is true?
One can create exceptions to the Master Policy based on ____________________.
Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?
You are configuring a Vault HA cluster.
Which file should you check to confirm the correct drives have been assigned for the location of the Quorum and Safes data disks?
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?
Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.
Which steps should you perform to restore DR replication to normal?
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
What are the minimum permissions to add multiple accounts from a file when using PVWA bulk-upload? (Choose three.)
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be changed.
For Digital Vault Cluster in a high availability configuration, how does the cluster determine if a node is down?
You want to build a connector that connects to a website through the Web applications for PSM framework.
Which default connector do you duplicate and modify?
A password compliance audit found:
1) One-time password access of 20 domain accounts that are members of Domain Admins group in Active Directory are not being enforced.
2) All the sessions of connecting to domain controllers are not being recorded by CyberArk PSM.
What should you do to address these findings?
When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online.
A Vault Administrator team member can log in to CyberArk, but for some reason, is not given Vault Admin rights.
Where can you check to verify that the Vault Admins directory mapping points to the correct AD group?
Which accounts can be selected for use in the Windows discovery process? (Choose two.)
You have been asked to identify the up or down status of Vault services.
Which CyberArk utility can you use to accomplish this task?
Which of the following properties are mandatory when adding accounts from a file? (Choose three.)
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur
Which Automatic Remediation is configurable for a PTA detection of a “Suspected Credential Theft”?
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
When an account is unable to change its own password, how can you ensure that password reset with the reconcile account is performed each time instead of a change?
What are the mandatory fields when onboarding from Pending Accounts? (Choose two.)
The primary purpose of exclusive accounts is to ensure non-repudiation (Individual accountability).
Which command configures email alerts within PTA if settings need to be changed post install?
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?
When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
You have been asked to turn off the time access restrictions for a safe.
Where is this setting found?
A new HTML5 Gateway has been deployed in your organization.
From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.
Arrange the steps to restore a Vault using PARestore for a Backup in the correct sequence.
Which of the following PTA detections require the deployment of a Network Sensor or installing the PTA Agent on the domain controller?