Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Ask AstroTutor
What is the name of the Platform parameter that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
AMinValidityPeriod
BInteval
CImmediateInterval
DTimeout
0
Question 2
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
0
Question 3
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
0
Question 4
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
0
Question 5
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
When managing SSH keys, the Central Policy Manager (CPM) stores the Public Key ________________.
AIn the Vault
BOn the target server
CIn the Vault and on the target server
DNowhere because the public key can always be generated from the private key
It is possible to disable the Show and Copy buttons without removing the Retrieve permission on a safe.
ATRUE
BFALSE
Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?
AAccounts Discovery
BAuto Detection
COnboarding RestAPI functions
DPTA Rules
One can create exceptions to the Master Policy based on ____________.
ASafes
BPlatforms
CPolicies
DAccounts
Question 6
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
0
Question 7
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 8
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 9
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 10
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 11
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 12
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 13
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 14
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 15
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 16
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 17
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 18
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 19
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 20
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 21
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 22
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 23
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 24
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Question 25
Unable to verify official CAU302 exam domains from publicly accessible CyberArk sources
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Auto-Detection can be configured to leverage LDAP/S.
ATRUE
BFALSE
When on-boarding accounts using Accounts Feed, which of the following is true?
AYou must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.
BYou can specify the name of a new safe that will be created where the account will be stored when it is on-boarded to the Vault.
CYou can specify the name of a new Platform that will be created and associated with the account.
DAny account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.
Select the best practice for storing the Master CD.
ACopy the files to the Vault Server and discard the CD.
BCopy the contents of the CD to a Hardware Security Module (HSM) and discard the CD.
CStore the CD in a secure location, such as a physical safe.
DStore the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder secured with NTFS permissions on the vault.
Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?
AUse Accounts, Retrieve Accounts, List Accounts
BUse Accounts, List Accounts
CUse Accounts
DList Accounts, Retrieve Accounts
PSM for Windows (previously known as RDP Proxy) supports connections to the following target systems: __________ .
AWindows
BUNIX
COracle
DAll of the above
Using the SSH Key Manager it is possible to allow Central Policy Manager (CPM) to manage SSH Keys similarly to passwords.
ATRUE
BFALSE
What is the purpose of the PrivateArk Database service?
AMaintains Vault metadata.
BCommunicates with components.
CSends email alerts from the vault.
DExecutes password changes.
The Vault Internal safe contains the configuration for an LDAP integration.
ATRUE
BFALSE
What is the purpose of the Allowed Safes parameter in a Central Policy Manager (CPM) policy? (Choose all that apply.)
ATo improve performance by reducing CPM workload.
BTo prevent accidental use of a policy in the wrong Safe.
CTo allow users to access only the passwords they should be able to access.
DTo enforce Least Privilege in CyberArk.
The Vault Internal safe contains all of the configuration for the vault.
ATRUE
BFALSE
One time passwords reduce the risk of Pass the Hash vulnerabilities in Windows.
ATRUE
BFALSE
It is possible to restrict the time of day, or day of week that a verify process can occur
ATRUE
BFALSE
When managing SSH keys, Central Policy Manager (CPM) automatically pushes the Private Key to all systems that use it.
ATRUE
BFALSE
Which one of the built-in Vault users is not automatically added to the safe when it is first created in PWA?
AMaster
BAdministrator
CAuditor
DOperator
What conditions must be met in order to log into the vault as the Master user? (Choose all that apply.)
ALogon must be originated from the console of the Vault Server or an EmergencyStation defined in DBParm.ini
BUser must provide the correct master password.
CLogon requires the Recovery Private Key to be accessible to the vault.
DLogon must satisfy a challenge response request.
The vault supports a number of dual factor authentication methods.
ATRUE
BFALSE
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault.
ATrue.
BFalse. Because the user can also enter credentials manually using Secure Connect.
CFalse. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
DFalse. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
The Vault Server uses a modified version of the Microsoft Windows firewall.
ATRUE
BFALSE
A Vault administrator have associated a logon account to one of your UNIX root accounts in the vault. When attempting to change the root account's password the
CPM will`¦
ALog in to the system as root, then change root's password.
BLog in to the system as the logon account, then change root's password.
CLog in first with the logon account, then run the SU command to log in as root, and then change root's password.
DNone of these.
What is the purpose of the CyberArk Event Notification Engine service?
