In the screenshot displayed, you just configured the usage in CyberArk and want to update its password.
What is the least intrusive way to accomplish this?
AUse the ג€changeג€ button on the usage's details page.
BUse the ג€changeג€ button on the parent account's details page.
CUse the ג€syncג€ button on the usage's details page.
DUse the ג€reconcileג€ button on the parent account's details page.
You have associated a logon account to one of your UNIX root accounts in the vault. When attempting to change the root account's password the CPM will`¦
ALog in to the system as root, then change root's password.
BLog in to the system as the logon account, then change root's password
CLog in to the system as the logon account, run the su command to log in as root, and then change root's password.
DNone of these.
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted____________________.
Athe vault will not allow this situation to occur.
Bonly those permissions that exist on the group added to the safe first.
Conly those permissions that exist in all groups to which the user belongs.
Dthe cumulative permissions of all the groups to which that user belongs.
What is the purpose of the CyberArk Event Notification Engine service?
AIt sends email messages from the Central Policy Manager (CPM)
BIt sends email messages from the Vault
CIt processes audit report messages
DIt makes Vault data available to components
Question 6
Guardian
0
Question 7
Guardian
Question 8
Sentry
Question 9
Defender
Question 10
Guardian
Question 11
Sentry
Question 12
Sentry
Question 13
Guardian
Question 14
Defender
Question 15
Defender
Question 16
Sentry
Question 17
Sentry
Question 18
Defender
Question 19
Defender
Question 20
Defender
Question 21
Defender
Question 22
Defender
Question 23
Defender
Question 24
Sentry
Question 25
Sentry
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group
UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group
OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers. The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.
Which safe permissions do you need to grant to OperationsStaff? (Choose all that apply.)
AUse Accounts
BRetrieve Accounts
CList Accounts
DAuthorize Password Requests
EAccess Safe without Authorization
A Logon Account can be specified in the Master Policy.
ATRUE
BFALSE
A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.
ATrue
BFalse
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.
ATrue
BFalse, the PTA can suspend sessions whether the session is made via the PSM or not
VAULT authorizations may be granted to ____________________. (Choose all that apply.)
AVault Users
BVault Groups
CLDAP Users
DLDAP Groups
What is the purpose of the Immediate Interval setting in a CPM policy?
ATo control how often the CPM looks for System Initiated CPM work.
BTo control how often the CPM looks for User Initiated CPM work.
CTo control how long the CPM rests between password changes.
DTo control the maximum amount of time the CPM will wait for a password change to complete.
Which utilities could you use to change debugging levels on the vault without having to restart the vault? (Choose all that apply.)
APAR Agent
BPrivateArk Server Central Administration
CEdit DBParm.ini in a text editor.
DSetup.exe
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval?
ACreate an exception to the Master Policy to exclude the group from the workflow process.
BEdit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.
COn the safe in which the account is stored grant the group the 'Access safe without audit' authorization.
DOn the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization.
When on-boarding account using Accounts Feed, which of the following is true?
AYou must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.
BYou can specify the name of a new safe that will be created where the account will be stored when it is on-boarded to the Vault.
CYou can specify the name of a new Platform that will be created and associated with the account.
DAny account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.
Target account platforms can be restricted to accounts that are stored in specific Safes using the AllowedSafes property.
ATRUE
BFALSE
What is the name of the Platform parameter that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
AMinValidityPeriod
BInterval
CImmediateInterval
DTimeout
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply.)
AThe PSM software must be installed on the target server.
BPSM must be enabled in the Master Policy (either directly, or through exception).
CPSMConnect must be added as a local user on the target server.
DRDP must be enabled on the target server.
Which CyberArk components products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? (Choose all that apply.)
ADiscovery and Audit (DNA)
BAuto Detection (AD)
CExport Vault Data (EVD)
DOn Demand Privileges manager (OPM)
EAccounts Discovery
SAFE Authorizations may be granted to _________________. (Choose all that apply.)
AVault Users
BVault Groups
CLDAP Users
DLDAP Groups
One can create exceptions to the Master Policy based on ____________________.
ASafes
BPlatforms
CPolicies
DAccounts
The vault supports Role Based Access Control.
ATRUE
BFALSE
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?
AVault Admins
BSecurity Admins
CSecurity Operators
DAuditors
The Accounts Feed contains:
AAccounts that were discovered by CyberArk in the last 30 days
BAccounts that were discovered by CyberArk that have not yet been onboarded
CAll accounts added to the vault in the last 30 days
DAll users added to CyberArk in the last 30 days
PSM for Windows (previously known as RDP Proxy) supports connections to the following target systems
AWindows
BUNIX
COracle
DAll of the above
Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?
APSM (i.e., launching connections by clicking on the "Connect" button in the PVWA)
