CyberArk epm-def practice test

CyberArk Endpoint Privilege Manager

Last exam update: Nov 18 ,2025
Page 1 out of 4. Viewing questions 1-15 out of 60

Question 1

A Helpdesk technician needs to provide remote assistance to a user whose laptop cannot connect to
the Internet to pull EPM policies. What CyberArk EPM feature should the Helpdesk technician use to
allow the user elevation capabilities?

  • A. Offline Policy Authorization Generator
  • B. Elevate Trusted Application If Necessary
  • C. Just In Time Access and Elevation
  • D. Loosely Connected Devices Credential Management
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Which user or group will not be removed as part of CyberArk EPM's Remove Local Administrators
feature?

  • A. Built-in Local Administrator
  • B. Domain Users
  • C. Admin Users
  • D. Power Users
Mark Question:
Answer:

A


Explanation:
Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/EPM/21.9/en/Content/EPM/Server%20User%20Guide/ManageLocalAdministrators
.htm

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

An end user is reporting that an application that needs administrative rights is crashing when
selecting a certain option menu item. The Application is part of an advanced elevate policy and is
working correctly except when using that menu item.
What could be the EPM cause of the error?

  • A. The Users defined in the advanced policy do not include the end user running the application.
  • B. The Advanced: Time options are not set correctly to include the time that the user is running the application at.
  • C. The Elevate Child Processes option is not enabled.
  • D. The Specify permissions to be set for selected Services on End-user Computers is set to Allow Start/Stop
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which setting in the agent configuration controls how often the agent sends events to the EPM
Server?

  • A. Event Queue Flush Period
  • B. Heartbeat Timeout
  • C. Condition Timeout
  • D. Policy Update Rate
Mark Question:
Answer:

A


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

Which of the following application options can be used when defining trusted sources?

  • A. Publisher, Product, Size, URL
  • B. Publisher, Name, Size, URI
  • C. Product, URL, Machine, Package
  • D. Product, Publisher, User/Group, Installation Package
Mark Question:
Answer:

D


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What EPM component is responsible for communicating password changes in credential rotation?

  • A. EPM Agent
  • B. EPM Server
  • C. EPM API
  • D. EPM Discovery
Mark Question:
Answer:

B


Explanation:
Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/EPM/Latest/en/Content/Policies/CredentialsRotation-NewUI.htm

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

An EPM Administrator would like to notify end users whenever the Elevate policy is granting users
elevation for their applications. Where should the EPM Administrator go to enable the end-user
dialog?

  • A. End-user UI in the left panel of the console
  • B. Advanced, Agent Configurations
  • C. Default Policies
  • D. End-User UI within the policy
Mark Question:
Answer:

D


Explanation:
Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/EPM/Latest/en/Content/EndUser/EndUserDialogs.htm

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following is CyberArk's Recommended FIRST roll out strategy?

  • A. Implement Application Control
  • B. Implement Privilege Management
  • C. Implement Threat Detection
  • D. Implement Ransomware Protection
Mark Question:
Answer:

B


Explanation:
Reference: https://hkrtrainings.com/what-is-cyberark

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

An EPM Administrator would like to include a particular file extension to be monitored and protected
under Ransomware Protection. What setting should the EPM Administrator configure to add the
extension?

  • A. Authorized Applications (Ransomware Protection)
  • B. Files to be Ignored Always
  • C. Anti-tampering Protection
  • D. Default Policies
Mark Question:
Answer:

A


Explanation:
Reference:
https://docs.cyberark.com/Product-
Doc/OnlineHelp/EPM/Latest/en/Content/EPM/Server%20User%20Guide/PrivMgmnt-Ransomware-
NewUI.htm

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

When deploying EPM and in the Privilege Management phase what is the purpose of Discovery?

  • A. To identify all non-administrative events
  • B. To identify all administrative level events
  • C. To identify both administrative and non-administrative level events
  • D. To identify non-administrative threats
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

What are Trusted sources for Windows endpoints used for?

  • A. Creating policies that contain trusted sources of applications.
  • B. Defining applications that can be used by the developers.
  • C. Listing all the approved application to the end users.
  • D. Managing groups added by recommendation.
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

CyberArk's Privilege Threat Protection policies are available for which Operating Systems? (Choose
two.)

  • A. Windows Workstations
  • B. Windows Servers
  • C. MacOS
  • D. Linux
Mark Question:
Answer:

A, B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which threat intelligence source requires the suspect file to be sent externally?

  • A. NSRL
  • B. Palo Alto Wildfire
  • C. VirusTotal
  • D. CyberArk Application Risk Analysis Service (ARA)
Mark Question:
Answer:

C


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

What feature is designed to exclude applications from CyberArk EPM's Ransomware Protection,
without whitelisting the application launch?

  • A. Trusted Sources
  • B. Authorized Applications (Ransomware Protection)
  • C. Threat Intelligence
  • D. Policy Recommendations
Mark Question:
Answer:

B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

An EPM Administrator would like to exclude an application from all Threat Protection modules.
Where should the EPM Administrator make this change?

  • A. Privilege Threat Protection under Policies.
  • B. Authorized Applications under Application Groups.
  • C. Protect Against Ransomware under Default Policies.
  • D. Threat Protection under Agent Configurations.
Mark Question:
Answer:

B


User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2