Exclusive access allows only one person to check-out an account at a time. One-time password schedules an account for a password change after the MinValidityPeriod period expires
CyberArk pam-def practice test
cyberark defender – pam
Question 1
DRAG DROP
Match each component to its respective Log File location.
Answer:
Discussions
0
/ 1000
Question 2
Which statement about the Master Policy best describes the differences between one-time password and exclusive access functionality?
- A. Exclusive access means that only a specific group of users may use the account. After an account on a one-time password platform is used, the account is deleted from the safe automatically.
- B. Exclusive access locks the account indefinitely. One-time password can be used replace invalid account passwords.
- C. Exclusive access is enabled by default in the Master Policy. One-time password should only be enabled for emergencies.
- D. Exclusive access allows only one person to check-out an account at a time. One-time password schedules an account for a password change after the MinValidityPeriod period expires. Most Votes
Answer:
d
Discussions
0
/ 1000
1 year ago
Question 3
What are common ways that organizations leverage the CyberArk Blueprint for Identity Security Success? (Choose three.)
- A. to understand the identity attack chain Most Votes
- B. to discover all digital identities
- C. to describe the explicit order of operations for Identity Security
- D. to assess an organizations security posture
- E. to build an Identity Security roadmap Most Votes
- F. to secure their human identities
Answer:
ade
Discussions
0
/ 1000
Question 4
Due to corporate storage constraints, you have been asked to disable session monitoring and recording for 500 testing accounts used for your lab environment.
How do you accomplish this?
- A. Master Policy>select Session Management>add Exceptions to the platform(s)>disable Session Monitoring and Recording policies
- B. Administration>Platform Management>select the platform(s)>disable Session Monitoring and Recording
- C. Polices>Access Control (Safes)>select the safe(s)>disable Session Monitoring and Recording policies
- D. Administration>Configuration Options>Options>select Privilege Session Management>disable Session Monitoring and Recording policies
Answer:
b
Discussions
0
/ 1000
Question 5
Which accounts can be selected for use in the Windows discovery process? (Choose two.)
- A. an account stored in the Vault
- B. an account specified by the user
- C. the Vault Administrator
- D. any user with Auditor membership
- E. the PasswordManager user
Answer:
bd
Discussions
0
/ 1000
5 months, 2 weeks ago
AB Select the user who will perform the scan. Either select an account from the Vault or manually specify a user and password: Select from Vault – Select a Vault account to run the scan. This is recommended for recurrent scans. Click Click to select an account from the Vault; a list of Vault accounts appears. These are all domain accounts in the specified domain
Question 6
Which dependent accounts does the CPM support out-of-the-box? (Choose three.)
- A. Solaris Configuration file
- B. Windows Services
- C. Windows Scheduled Tasks
- D. Windows DCOM Applications
- E. Windows Registry
- F. Key Tab file
Answer:
cef
Discussions
0
/ 1000
5 months, 2 weeks ago
https://docs.cyberark.com/pam-self-hosted/13.0/en/content/landing%20pages/lpserviceplugins.htm
1 month, 2 weeks ago
the answer BCE who make this answer
Question 7
You want to generate a license capacity report.
Which tool accomplishes this?
- A. Password Vault Web Access
- B. PrivateArk Client
- C. DiagnoseDB Report
- D. RestAPI
Answer:
c
Discussions
0
/ 1000
1 month, 2 weeks ago
the answer is B who made this dum???
Question 8
Which processes reduce the risk of credential theft? (Choose two.)
- A. require dual control password access approval
- B. require password change every X days
- C. enforce check-in/check-out exclusive access
- D. enforce one-time password access
Answer:
ab
Discussions
0
/ 1000
1 month, 1 week ago
Answeres are BD, b'cause AnD are for preventing from behavior activities and accessing vault in irregular day/hour
1 month, 1 week ago
Answeres are BD, b'cause AnD are for preventing from behavior activities and accessing vault in irregular day/hour
Question 9
Where can reconcile and/or logon accounts be linked to an account? (Choose two.)
- A. account settings
- B. platform settings
- C. master policy
- D. safe settings
- E. service account settings
Answer:
ae
Discussions
0
/ 1000
5 months, 2 weeks ago
https://docs.cyberark.com/privilege-cloud-standard/latest/en/content/pasimp/linked-pas-accounts.htm?TocPath=Administrators%7CManage%20your%20accounts%7C_____4
1 month, 1 week ago
It can be done at account level and platform level configuration
Question 10
Which CyberArk utility allows you to create lists of Master Policy Settings, owners and safes for output to text files or MSSQL databases?
- A. Export Vault Data
- B. Export Vault Information
- C. PrivateArk Client
- D. Privileged Threat Analytics
Answer:
a
Discussions
0
/ 1000
1 month, 1 week ago
The EVD can do this task
PTA System -> /opt/tomcat/logs; PSM for SSH -> /var/opt/CARKpsmp/logs/; Disaster Recovery -> C:\Program Files(x86)\PrivateArk\Server\PADR\