Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

ACCESS-DEF by CyberArk - Page 1 | ExamCademy

Mode Selection

Sort:

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 64

1 2 3

→

Know a question that should be here? Contribute to this exam

Where can MFA filters be used? (Choose three.)

A User and Admin Portal login
B App level 2FA/MFA
C RADIUS
D Self-service password reset
E Editing personal profile attributes
F OAUTH2 connections

Which 2FA/MFA options can be used if users cannot use their mobile device? (Choose two.)

A FIDO2
B Security questions
C OAUTH2
D QR code
E Push notification app

A user's account information required for multi-factor authentication is not set up properly and is preventing the user from logging in.
What should you do?

A Use the MFA Unlock command in the Admin Portal to suspend multifactor authentication for 10 minutes.
B Delete the user's account and create a new one.
C Ask the user to delete all browser cookies, then try again.
D Change the user's directory source from Active Directory to LDAP for authentication.

Which statement is correct about the CyberArk Identity Windows Device Trust enrollment process?

A An enrollment code is optional.
B The endpoint does not need to be a domain-joined machine.
C You can define the maximum number of joinable endpoints.
D You can define the minimum number of joinable endpoints.

DRAG DROP -
A user wants to install the CyberArk Identity mobile app by using a QR code.
Arrange the steps to do this in the correct sequence.

Question Image

ACME Corporation employees access critical business web applications through CyberArk Identity. You notice a constant high volume of unauthorized traffic from 103.1.200.0/24 trying to gain access to the CyberArk Identity portal. Access to the CyberArk Identity portal is time sensitive. ACME decides to enforce IP restrictions to reduce vulnerability.
Which configuration can help achieve this?

A Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the ACME Corporation IP range.
B Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the blocked IP range.
C Implement device trust through the Windows Cloud Agent.
D Implement zero trust through the App Gateway.

Refer to the exhibit.
Which statements are correct regarding this Authentication Policy? (Choose two.)

Question Image

A Users will still be asked for their MFA even if they mistyped their username.
B If users have set up CyberArk Mobile Authenticator as an MFA, they will still receive the Push Notification to confirm the request even if they mistyped their password.
C Users will not be notified which challenge they failed if their login attempt failed.
D If users have set up a Security Question as an MFA, the Security Question will not be displayed to the user to answer even if they mistyped their password.
E If the first factor is password and the user is an Active Directory user and the Active Directory is unavailable, this setting does not matter because the user will not be able to authenticate through Active Directory credentials and will see the message "Active Directory not available".

An organization previously allowed users to add their personal apps on the Identity User Portal. This will soon be disabled due to policy changes.
What is the impact to the users for personal apps previously added to the User Portal?

A They will continue to function normally; however, users cannot add new apps.
B They will continue to display on the Apps screen and user devices; however, they will be greyed out and unavailable for any form of interaction.
C They will be deleted from the Apps screen and user devices.
D They will continue to display on the Apps screen and user devices; however, an error message will display when users try to open the application.

Refer to the exhibit.
Within the "Allow user notifications on multiple devices", if you leave the setting as Default (--), what happens if a user triggers a MFA Push notification and has enrolled three different devices?

Question Image

A The push notification will be sent to none of the enrolled devices.
B The push notification will be sent to the first enrolled device only.
C The push notification will be sent to all enrolled devices.
D The push notification will be sent to the last enrolled device only.

Which protocols can CyberArk provide MFA for VPN? (Choose two.)

A SAML
B RADIUS
C IMAP
D TACACS
E LDAP

DRAG DROP -
Your organization wants to automatically create user accounts with different Salesforce licenses (e.g., Salesforce, Identity, Chatter External).
In CyberArk Identity, arrange the steps to achieve this in the correct sequence.

Question Image

Which device enrollment settings are valid? (Choose two.)

A Send notification on device enrollment
B Enable invite based enrollment
C Minimum number of devices a user can enroll
D Reassign the device to another user
E Permanently delete device

What is considered an "Identity Provider Initiated" login to an application?

A After signing in to the CyberArk Identity portal, a user launches a SAML app by clicking an app tile.
B After visiting a third-party web app, a user is redirected to CyberArk Identity for authentication.
C A user visits a third party web app directly and signs in with local credentials.
D A user signs in to the CyberArk Identity portal and takes a screenshot of the portal to send to IT.

ACCESS-DEFPreview

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

That's the end of the Preview