Cyberark Cau305 Practice Test

Question 1

Which type of automatic remediation can be performed by the PTA in case of a suspected credential
theft security event?

A. Password change
B. Password reconciliation
C. Session suspension
D. Session termination

Answer:

A

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PTA/Security
- Configuration.htm

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 2

dbparm.ini is the main configuration file for the Vault.

A. True
B. False

Answer:

A

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASREF/
DBParm.ini.htm

User Votes:

A

50%

B

50%

Discussions

0 / 1000

Question 3

When working with the CyberArk High Availability Cluster, which services are running on the passive
node?

A. Cluster Vault Manager and PrivateArk Database
B. Cluster Vault Manager, PrivateArk Database and Remote Control Agent
C. Cluster Vault Manager
D. Cluster Vault Manager and Remote Control Agent

Answer:

C

Reference:
https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Man
aging-the
- CyberArk-Digital-Cluster-Vault-Server.htm

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 4

When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once
the Primary Vault comes back online.

A. True, this is the default behavior. B.False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the padr.ini file.
C. True, if the AllowFailback setting is set to "yes" in the padr.ini file.
D. False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the dbparm.ini file.

Answer:

A

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/11.3/en/Content/PASIMP/Initiating-DR
- Failback-to-Production-Vault.htm

User Votes:

A

50%

C

50%

D

50%

Discussions

vote your answer:

A

C

D

0 / 1000

Question 5

Which onboarding method is used to integrate CyberArk with the accounts provisioning process?

A. Accounts Discovery
B. Auto Detection
C. Onboarding RestAPI functions
D. PTA rules

Answer:

B

Reference:
https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Provi
sioning
- Accounts-Automatically.htm

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 6

Which file is used to open up a non-standard firewall port to the Vault?

A. dbparm.ini
B. PARagent.ini
C. passparm.ini
D. Vault.ini

Answer:

A

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 7

When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all
CPMs?

A. PasswordManager
B. PasswordManager_Pending
C. PasswordManager_workspace
D. PasswordManager_ADIntemal

Answer:

A

Reference:
https://www.niap-ccevs.org/MMO/Product/st_vid11006-agd4.pdf
(558)

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 8

What are the functions of the Remote Control Agent service? (Choose three.)

A. Allows remote monitoring the Vault
B. Sends SNMP traps from the Vault
C. Maintains audit data
D. Allows CyberArk services to be managed (start/stop/status) remotely

Answer:

ABD

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/
Privileged-Account-Security-Remote-
Administration.htm#:~:text=The%20CyberArk%20Vault%20Remote%
20Control,and%20the%20Disaster%20Recovery%20Server

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 9

In a Distributed Vaults environment, which of the following components will NOT be communicating
with the Satellite Vaults?

A. AAM Credential Provider (previously known as AIM Credential Provider)
B. ExportVaultData utility
C. PAReplicate utility
D. Central Policy Manager

Answer:

D

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 10

When managing SSH keys, the Central Policy Manager (CPM) stores the private key
.

A. in the Vault
B. on the target server
C. in the Vault and on the target server
D. nowhere because the private key can always be generated from the public key

Answer:

A

Reference:
https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/SSHKM/Mana
ging%
20SSH%20Keys.htm

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 11

The PSM requires the Remote Desktop Web Access role service.

A. True
B. False

Answer:

A

Reference:
https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/
Before
- Installing-PSM.htm

User Votes:

A

50%

B

50%

Discussions

0 / 1000

Question 12

Access control to passwords is implemented by .

A. Vault authorizations
B. Safe authorizations
C. Master Policy
D. platform settings

Answer:

B

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object-Level
- Access-Control.htm

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 13

During the process of installing the Central Policy Manager (CPM), the Vault administrator will be
asked to provide the credentials for an administrative user in the Vault.
For which purpose are these credentials used?

A. The credentials will be used later by the CPM to retrieve passwords from the Vault.
B. The credentials are used by the installer to register the CPM in the CyberArk database.
C. The credentials are used by the installer to authenticate to the Vault and create the Central Policy Manager (CPM) environment (Safes, users. etc.).
D. The credentials will be used later by the CPM to update passwords in the Vault.

Answer:

C

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 14

What is the purpose of the password verify process?

A. To test that CyberArk is storing accurate credentials for accounts.
B. To change the password of an account according to organizationally defined password rules.
C. To allow CyberArk to manage unknown or lost credentials.
D. To generate a new complex password.

Answer:

A

Reference:
https://docs.cyberark.com/ProductDoc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verif
ying
Passwords.htm#:~:text=The%20CPM%20can%20verify%20password,manually%20by%20an%20
authorized% 20user

User Votes:

A

50%

B

50%

C

50%

D

50%

Discussions

vote your answer:

A

B

C

D

0 / 1000

Question 15

For a Safe with object level access control enabled the Vault administrator is able to turn off object
level access control when it no longer needed on the Safe.

A. True
B. False

Answer:

B

Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object-Level
- Access-Control.htm

User Votes:

A

50%

B

50%

Discussions

0 / 1000

CyberArk cau305 practice test

CyberArk CDE Recertification Exam

Last exam update: Nov 18 ,2025

Page 1 out of 5. Viewing questions 1-15 out of 65

Question 1

Answer:

User Votes:

Question 2

Answer:

User Votes:

Question 3

Answer:

User Votes:

Question 4

Answer:

User Votes:

Question 5

Answer:

User Votes:

Question 6

Answer:

User Votes:

Question 7

Answer:

User Votes:

Question 8

Answer:

User Votes:

Question 9

Answer:

User Votes:

Question 10

Answer:

User Votes:

Question 11

Answer:

User Votes:

Question 12

Answer:

User Votes:

Question 13

Answer:

User Votes:

Question 14

Answer:

User Votes:

Question 15

Answer:

User Votes: