During CPM hardening, which locally created users are granted Logon as a Service rights in the local group policy? (Choose two.)
APasswordManager
BPluginManagerUser
CScannerUser
DPasswordManagerUser
ECPMServiceAccount
You are configuring firewall rules between the Privilege Cloud components and the Privilege Cloud.
Which firewall rules should be set up to allow connections?
Afrom the CyberArk Privilege Cloud to the Privilege Cloud components
Bfrom the Privilege Cloud components to the CyberArk Privilege Cloud
Cbi-directionally between the Privilege Cloud components and the CyberArk Privilege cloud
Dfrom the Privilege Cloud components to CyberArk.com
Which statement is correct regarding the LDAP integration with CyberArk Privilege Cloud Standard?
AYou must track the expiration date of the directory server certificate and contact CyberArk Support to renew it.
BLDAPS integration with Privilege Cloud requires StartTLS for secure and encrypted communication.
CFor certificate trust to your directory server, only the issuing CA certificate is required.
DThe top-level domain entry of the directory must be unique in the chosen Privilege Cloud region.
What is a supported certificate format for retrieving the LDAPS certificate when not using the Cyberark provided LDAPS certificate tool?
A.der
B.p7b
C.p7c
D.p12
Question 6
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
0
Question 7
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 8
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 9
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 10
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 11
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 12
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 13
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 14
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 15
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 16
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 17
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 18
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 19
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 20
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 21
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 22
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 23
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 24
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Question 25
I could not verify any official CPC-SEN exam objective/topic list with percentage weights from publicly accessible CyberArk sources
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
A CyberArk Privileged Cloud Shared Services customer asks you how to find recent failed login event for all users.
Where can you do this without generating reports?
APrivileged Cloud Portal
BIdentity Administration Portal
Cboth Identity Administration and Identity User Portals
DIdentity User Portal
When installing the first CPM within Privilege Cloud using the Connector Management Agent, what should you set the Installation Mode to in the CPM section?
AActive
BPassive
CDefault
DPrimary
What are dependencies to update or change the CPM credential? (Choose two.)
AAPIKeyManager.exe
BCreateCredFile.exe
CCPM/nDomain_Hardening.ps1
DCyberArk.TPC.exe
EData Execution Prevention
Following the installation of the PSM for SSH server, which additional tasks should be performed? (Choose two.)
ADelete the user.cred file used during installation.
BDelete the vault.ini you used during installation.
CDelete the psmpparms file you used during installation.
DPackage all installation log files or upload to CyberArk.
On the CPM, you want to verify if DEP is disabled for the required executables.
According to best practices, which executables should be listed? (Choose two.)
ATelnet.exe
BPlink.exe.
Cputty.exe
Dmstsc.exe
Which statement is correct about using the AllowedSafes platform parameter?
AIt allows users to access accounts in specific safes.
BIt prevents the CPM from scanning all safes, restricting it to scan only safes that match the AllowedSafes configuration.
CIt allows the CPM to access PSM safes to monitor platform configuration and connection component changes.
DIt prevents the CPM from processing pending items in the Discovery safes enforcing manual intervention to complete the onboarding process.
A support team has asked you to provide the previous password for an account that had its password recently changed by the CPM.
In which tab within the account’s overview page can you retrieve this information?
AOverview
BActivities
CDetails
DVersions
You are deploying a CyberArk Identity Connector to integrate Privilege Cloud Shared Service with an Active Directory environment.
Which requirement must be met?
AThe Identity Connector Server must be joined to the Active Directory.
BThe Server must be a member of the root domain of the Active Directory forest.
CThe Identity Connector must be installed on a Domain Controller.
DThe Identity Connector must be installed using Domain Administrator credentials.
CyberArk User Neil is trying to connect to the Target Linux server 192.168.1.164 using a domain user ACME\linuxuser01 on domain acme.corp using PSM for SSH server 192.168.65.145.
What is the correct syntax?
How can a platform be configured to work with load-balanced PSMs?
ARemove all entries from configured PSM Servers except for the ID of the PSMs with load balancing.
BCreate a new PSM definition that targets the load balancer IP address and assign to the platform.
CInclude details of the PSMs with load balancing in the Basic_psm.ini file on each PSM server.
DUse the Privilege Cloud Portal to update the Session Management settings for the platform in the Master Policy.
After a scripted installation has successfully installed the PSM, which post-installation task is performed?
AThe screen server for the PSM local users is disabled.
BA new group called PSMShadowUsers is created.
CThe PSMAdminConnect user password is reset.
DRemote desktop services are installed.
What must be done to configure the syslog server IP address(es) for SIEM integration? (Choose two.)
ASubmit a service request to CyberArk Support.
BUpdate the syslog server IP address through the Privilege Cloud Portal.
CUpdate the DBPARM.ini file with the correct syslog server IP address.
DUpdate the vault.ini file with the correct syslog server IP address.
EConfigure the Secure Tunnel for SIEM integration.
You are planning to configure Multi-Factor Authentication (MFA) for your CyberArk Privilege Cloud Shared Service.
What are the available authentication methods?
CPrivilege Cloud Shared Services fully utilize CyberArk Identity and its MFA options.
DOnly RADIUS can be used to achieve MFA across all components, such as PSM for RDP and PSM for SSH.
Which tool configures the user object that will be used during the installation of the PSM for SSH component?
ACreateUserPass
BCreateCredFile
CConfigureCredFile
DConfigureUserPass
In large-scale environments, it is important to enable the CPM to focus its search operations on specific Safes instead of scanning all Safes it sees in the Vault.
How is this accomplished?
AAdministration Options > CPM Settings
BAllowedSafes Parameters on each platform policy
CMaxConcurrentConnection parameter on each platform policy
DAdministration > Options > CPM Scanner
What is the correct CyberArk user to use when installing the Privilege Cloud Connector software?
Ainstalleruser@<suffix>
BAdministrator
C<subdomain>_admin
DInstaller
You are creating a PSM Load Balanced Virtual Server Configuration.
What are the default service ports/protocols used for RDS and the PSM Health Check service?
ARDP/389 HTTP/443
BRDP/3389 HTTPS/443
CUDP/53 HTTPS/389
DRDP/636 HTTPS/443
To disable the PSM default Support for Browser Sessions, which option should be set to ‘No’ before running Hardening?
ASupportWebApplications
BSupportBrowsers
CSupportWebBrowsers
DSupportHTML5Content
Your customer is using Privilege Cloud Shared Services.
What is the correct CyberArk Vault address for this customer?
You plan to install Privilege Cloud Connectors on your AWS and Azure environments.
What is the maximum number of concurrent RDP/SSH sessions that each connector can handle for Large Implementations?
