CyberArk cau302 practice test

Defender + Sentry Exam

Last exam update: May 17 ,2024
Page 1 out of 16. Viewing questions 1-15 out of 236

Question 1

In order to connect to a target device through PSM, the account credentials used for the connection
must be stored in the vault.

  • A. True.
  • B. False. Because the user can also enter credentials manually using Ad-Hoc Access.
  • C. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
  • D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

During the process of installing the Central Policy Manager (CPM), the Vault administrator will be
asked to provide the credentials for an administrative user in the Vault. For which purpose are these
credentials used?

  • A. The credentials will be used later by the CPM to retrieve passwords from the Vault.
  • B. The credentials are used by the installer to register the CPM in the CyberArk database.
  • C. The credentials are used by the installer to authenticate to the Vault and create the Central Policy Manager (CPM) environment (Safes, users, etc.).
  • D. The credentials will be used later by the CPM to update passwords in the Vault.
Mark Question:
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

In a Distributed Vaults environment, which of the following components will NOT be communicating
with the Satellite Vaults?

  • A. AAM Credential Provider (previously known as AIM Credential Provider)
  • B. ExportVaultData utility
  • C. PAReplicate utility
  • D. Central Policy Manager
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to
forward ITALOG records to a monitoring solution.

  • A. True
  • B. False
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
Discussions
vote your answer:
A
B
0 / 1000

Question 5

After the Vault server is installed, the Microsoft Windows firewall is now commandeered by the
Vault. Can the administrator change these firewall rules?

  • A. Yes, but the administrator can only modify the firewall rules by editing the dbparm.ini file and the restarting the Vault.
  • B. Yes, the administrator can still modify firewall rules via the Windows firewall interface.
  • C. No, the Vault does not permit any changes to the firewall due to security requirements.
  • D. Yes, but the administrator can only modify the firewall rules by editing the FirewallRules.ini file and the restarting the Vault.
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What is the process to remove object level access control from a Safe?

  • A. Uncheck the 'Enable Object Level Access Control' on the Safe Details page in the PVWA.
  • B. Uncheck the 'Enable Object Level Access Control' box in the Safe Properties in PrivateArk.
  • C. This cannot be done.
  • D. Remove all ACLs from the Safe.
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which of these accounts onboarding methods is considered proactive?

  • A. Accounts Discovery
  • B. Detecting accounts with PTA
  • C. A Rest API integration with account provisioning software
  • D. A DNA scan
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

What is the purpose of EVD?

  • A. To extract vault metadata into an open database platform.
  • B. To allow editing of vault metadata.
  • C. To create a backup of the MySQL database.
  • D. To extract audit data from the vault.
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/Landing%20Pages/
lpExportVaultDataUtility.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which is the purpose of the HeadStartInterval setting in a platform?

  • A. It determines how far in advance audit data is collected for reports.
  • B. It instructs the CPM to initiate the password change process certain number of days before expiration.
  • C. It instructs the AIM provider to 'skip the cache' during the defined time period.
  • D. It alerts users of upcoming password changes a certain number of days before expiration.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PrivCloud/Latest/en/Content/PASREF/
Automatic%20Password%20Management%20-%20Password%20Change.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which of the following is considered a prerequisite for installing PSM?

  • A. IIS web services role
  • B. HTML5 Gateway
  • C. Provider
  • D. Remote Desktop Services
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Before
- Installing-PSM.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Which type of automatic remediation can be performed by the PTA in case of a suspicious password
change security event?

  • A. Password change
  • B. Password reconciliation
  • C. Session suspension
  • D. Session termination
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PTA/Security
- Configuration.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

In a Disaster Recovery (DR) environment, which of the following should NEVER be configured for
automatic failover due to the possibility of split-brain phenomenon?

  • A. Password Vault Web Access (PVWA)
  • B. PSM
  • C. CPM
  • D. PTA
Mark Question:
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

When the PSM Gateway (also known as the HTML5 Gateway) is implemented, users must have an
RDP client, such as MSTSC, installed on their endpoint in order to launch connections via the PSM.

  • A. True
  • B. False. When the PSM Gateway is implemented, the user only requires a browser in order launch a connection via the PSM.
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/PSSO
- ConnectingDirectly.htm

Discussions
vote your answer:
A
B
0 / 1000

Question 14

How does the Vault administrator apply a new license file?

  • A. Upload the license.xml file to the system Safe and restart the PrivateArk Server service.
  • B. Upload the license.xml file to the system Safe.
  • C. Upload the license.xml file to the Vault Internal Safe and restart the PrivateArk Server service.
  • D. Upload the license.xml file to the Vault Internal Safe.
Mark Question:
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/11.1/en/Content/PASIMP/Managing-the
- CyberArk-License.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all
CPMs?

  • A. PasswordManagerSharedSafe
  • B. PasswordManager_Pending
  • C. PasswordManager_workspace
  • D. PasswordManager_ADInternal
Mark Question:
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/The
-
Central-Policy-Manager-
Environment.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2