Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

CAU302 by CyberArk - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

When on-boarding accounts using Accounts Feed, which of the following is true?

A You must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.
B You can specify the name of a new safe that will be created where the account will be stored when it is on-boarded to the Vault.
C You can specify the name of a new Platform that will be created and associated with the account.
D Any account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.

Question 4

Select the best practice for storing the Master CD.

A Copy the files to the Vault Server and discard the CD.
B Copy the contents of the CD to a Hardware Security Module (HSM) and discard the CD.
C Store the CD in a secure location, such as a physical safe.
D Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder secured with NTFS permissions on the vault.

Question 5

Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?

A Use Accounts, Retrieve Accounts, List Accounts
B Use Accounts, List Accounts
C Use Accounts
D List Accounts, Retrieve Accounts

Question 6

PSM for Windows (previously known as RDP Proxy) supports connections to the following target systems: __________ .

A Windows
B UNIX
C Oracle
D All of the above

Question 7

Using the SSH Key Manager it is possible to allow Central Policy Manager (CPM) to manage SSH Keys similarly to passwords.

A TRUE
B FALSE

Question 8

What is the purpose of the PrivateArk Database service?

A Maintains Vault metadata.
B Communicates with components.
C Sends email alerts from the vault.
D Executes password changes.

Question 9

The Vault Internal safe contains the configuration for an LDAP integration.

A TRUE
B FALSE

Question 10

What is the purpose of the Allowed Safes parameter in a Central Policy Manager (CPM) policy? (Choose all that apply.)

A To improve performance by reducing CPM workload.
B To prevent accidental use of a policy in the wrong Safe.
C To allow users to access only the passwords they should be able to access.
D To enforce Least Privilege in CyberArk.

Question 11

The Vault Internal safe contains all of the configuration for the vault.

A TRUE
B FALSE

Question 12

One time passwords reduce the risk of Pass the Hash vulnerabilities in Windows.

A TRUE
B FALSE

Question 13

It is possible to restrict the time of day, or day of week that a verify process can occur

A TRUE
B FALSE

Question 14

When managing SSH keys, Central Policy Manager (CPM) automatically pushes the Private Key to all systems that use it.

A TRUE
B FALSE

Question 15

Which one of the built-in Vault users is not automatically added to the safe when it is first created in PWA?

A Master
B Administrator
C Auditor
D Operator

Question 16

What conditions must be met in order to log into the vault as the Master user? (Choose all that apply.)

A Logon must be originated from the console of the Vault Server or an EmergencyStation defined in DBParm.ini
B User must provide the correct master password.
C Logon requires the Recovery Private Key to be accessible to the vault.
D Logon must satisfy a challenge response request.

Question 17

The vault supports a number of dual factor authentication methods.

A TRUE
B FALSE

Question 18

In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault.

A True.
B False. Because the user can also enter credentials manually using Secure Connect.
C False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
D False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.

Question 19

The Vault Server uses a modified version of the Microsoft Windows firewall.

A TRUE
B FALSE

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 4 • Questions 1-25 of 92

1 2 3 4

→

Know a question that should be here? Contribute to this exam

One can create exceptions to the Master Policy based on ____________.

A Safes
B Platforms
C Policies
D Accounts

Auto-Detection can be configured to leverage LDAP/S.

A TRUE
B FALSE