CyberArk cau302 practice test

Defender + Sentry Exam


Question 1

In order to connect to a target device through PSM, the account credentials used for the connection
must be stored in the vault.

  • A. True.
  • B. False. Because the user can also enter credentials manually using Ad-Hoc Access.
  • C. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
  • D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
Answer:

C

Discussions

Question 2

During the process of installing the Central Policy Manager (CPM), the Vault administrator will be
asked to provide the credentials for an administrative user in the Vault. For which purpose are these
credentials used?

  • A. The credentials will be used later by the CPM to retrieve passwords from the Vault.
  • B. The credentials are used by the installer to register the CPM in the CyberArk database.
  • C. The credentials are used by the installer to authenticate to the Vault and create the Central Policy Manager (CPM) environment (Safes, users, etc.).
  • D. The credentials will be used later by the CPM to update passwords in the Vault.
Answer:

C

Discussions

Question 3

In a Distributed Vaults environment, which of the following components will NOT be communicating
with the Satellite Vaults?

  • A. AAM Credential Provider (previously known as AIM Credential Provider)
  • B. ExportVaultData utility
  • C. PAReplicate utility
  • D. Central Policy Manager
Answer:

D

Discussions

Question 4

A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to
forward ITALOG records to a monitoring solution.

  • A. True
  • B. False
Answer:

B

Discussions

Question 5

After the Vault server is installed, the Microsoft Windows firewall is now commandeered by the
Vault. Can the administrator change these firewall rules?

  • A. Yes, but the administrator can only modify the firewall rules by editing the dbparm.ini file and the restarting the Vault.
  • B. Yes, the administrator can still modify firewall rules via the Windows firewall interface.
  • C. No, the Vault does not permit any changes to the firewall due to security requirements.
  • D. Yes, but the administrator can only modify the firewall rules by editing the FirewallRules.ini file and the restarting the Vault.
Answer:

A

Discussions

Question 6

What is the process to remove object level access control from a Safe?

  • A. Uncheck the 'Enable Object Level Access Control' on the Safe Details page in the PVWA.
  • B. Uncheck the 'Enable Object Level Access Control' box in the Safe Properties in PrivateArk.
  • C. This cannot be done.
  • D. Remove all ACLs from the Safe.
Answer:

A

Discussions

Question 7

Which of these accounts onboarding methods is considered proactive?

  • A. Accounts Discovery
  • B. Detecting accounts with PTA
  • C. A Rest API integration with account provisioning software
  • D. A DNA scan
Answer:

B

Discussions

Question 8

What is the purpose of EVD?

  • A. To extract vault metadata into an open database platform.
  • B. To allow editing of vault metadata.
  • C. To create a backup of the MySQL database.
  • D. To extract audit data from the vault.
Answer:

D

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/Landing%20Pages/
lpExportVaultDataUtility.htm

Discussions

Question 9

Which is the purpose of the HeadStartInterval setting in a platform?

  • A. It determines how far in advance audit data is collected for reports.
  • B. It instructs the CPM to initiate the password change process certain number of days before expiration.
  • C. It instructs the AIM provider to 'skip the cache' during the defined time period.
  • D. It alerts users of upcoming password changes a certain number of days before expiration.
Answer:

B

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PrivCloud/Latest/en/Content/PASREF/
Automatic%20Password%20Management%20-%20Password%20Change.htm

Discussions

Question 10

Which of the following is considered a prerequisite for installing PSM?

  • A. IIS web services role
  • B. HTML5 Gateway
  • C. Provider
  • D. Remote Desktop Services
Answer:

D

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Before
- Installing-PSM.htm

Discussions
To page 2