GUARDPreview

A customer has a requirement to implement CyberArk with the lowest recovery time objective possible for the vault server failure in both the primary and secondary datacenter.
Which Architecture is the most suitable for this?

DRAG DROP -
Match the Conjur Services and Options:

When Dual Control is enabled for a platform in the Master Policy, exceptions can be configured in these two places. (Choose two.)

The manager of Active Directory asks you to temporarily enable Object Level Access Control (OLAC) on a safe for which they are the owner, so that they can control which users can use a specific Domain Admin account.
What limitation of OLAC should you discuss with them?

You are installing the Digital Vault in AWS.
When does the hardening happen?

What is a SCIM Server?

Choose the two controls that can be defined at the Master Policy level. (Choose two.)

Which items are required for configuring PSM external recording storage?

ClientABC is moving into their DevOps space. They currently are using CCP and are considering Conjur. They've noticed that there is quite a bit of overlap.
How would you explain the difference between the two? (Choose two).

A customer has given you the task of onboarding more than 1,000 Local Admin accounts, the accounts are all used by the same team and exist in a control zone.
Which CyberArk feature would offer an automated way of achieving this task?

Which type of attack can CyberArk mitigate?

What is the encryption requirement for the HSM?

In CyberArk Remote Access, if you want to copy files in PSM sessions, and you have more than one Remote Access Connector server, you must:

How is a Secondary PTA server promoted to a Primary PTA Server?

Which Secrets Manager component is recommended to put behind a load-balancer, for availability and redundancy?

You are implementing PAM for your globally distributed organization. These Locations are England (UK), Boston (USA) and Hong Kong (ROC).
Each location has 2 Data Centers that are physically separated for disaster mitigation.
The decision has been made to set England DC 1 as the Primary DC.
Components will be scaled Horizontally where necessary in later phases.
All DC's can Communicate with each other.
The Solution must offer the following:

• Resilient Access to target Systems
• Primary Location must be highly resilient
• Recoverable from all locations
• Global Resilience to outages
• A single Master Policy should govern the solution
  Load Balancing is possible between DC's in the Same Region.
  What is the minimum to meet these requirements?

Which option below is an advanced Master Policy rule?

What risk should be considered prior to enabling OLAC (Object Level Access Control)?

In most instances, why should a failed CPM verification, followed by a reconciliation action be treated as a security incident?

DRAG DROP -
In CyberArk Remote Access, match the Persona with the Job Role:

DRAG DROP -
Put the events in the correct order for the PSM for SSH MFA Caching authentication workflow which is available as of v12.1.

DRAG DROP -
Customer ACME Corp has deployed EPM SaaS and is moving towards Advanced Application Policies.
As a Senior Consultant, you have to help the customer to understand the advantages & disadvantages of Application parameters vs. checksum.
Match the options below to their correct match.

DRAG DROP -
Place the steps to create a new Alero Tenant in the correct order.