Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

SECRET-SEN by CyberArk - Page 1 | ExamCademy

Mode Selection

Sort:

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 59

1 2 3

→

Know a question that should be here? Contribute to this exam

When installing the Vault Conjur Synchronizer, you see this error:

Forbidden -
Logon Token is Empty – Cannot logon

Unauthorized -
What must you ensure to remediate the issue?

A This admin user must not be logged in to other sessions during the Vault Conjur Synchronizer installation process.
B You specified the correct url for Conjur and it is listed as a SAN on that url’s certificate.
C You correctly URI encoded the url in the installation script.
D You ran powershell as Administrator and there is sufficient space on the server on which you are running the installation.

Refer to the exhibit.
In which example will auto-failover occur?

Question Image

A
B
C
D

You are setting up the Secrets Provider for Kubernetes to support rotation with Push-to-File mode.
Which deployment option should be used?

A Init container
B Application container
C Sidecar
D Service Broker

What is the correct command to import the root CA certificate into Conjur?

A docker exec <ContainerName> evoke ca import – –no-restart – –root <rootCA.cer>
B docker exec <ContainerName> evoke import – –no-restart – –root <rootCA.cer>
C docker exec <ContainerName> evoke ca import – –no-restart <rootCA.cer>
D docker exec <ContainerName> ca import <rootCA.cer>

During the configuration of Conjur, what is a possible deployment scenario?

A The Leader and Followers are deployed outside of a Kubernetes environment; Slandbys can run inside a Kubernetes environment.
B The Conjur Leader cluster is deployed outside of a Kubernetes environment; Followers can run inside or outside the environment,
C The Leader cluster is deployed outside a Kubernetes environment; Followers and Standbys can run inside or outside the environment.
D The Conjur Leader cluster and Followers are deployed inside a Kubernetes environment.

DRAG DROP -
Arrange the steps to configure authenticators in the correct the sequence.

Question Image

DRAG DROP -
Match each scenario to the appropriate Secrets Manager solution.

Question Image

When working with Summon, what is the purpose of the secrets.yml file?

A It is where Summon outputs the secret value after retrieval.
B It is where you define which secrets to retrieve.
C It is where you store the Conjur URL and host API key.
D It is the log file for Summon.

You are deploying Kubernetes resources/objects as Conjur identities.
In addition to Namespace and Deployment, from which options can you choose? (Choose two.)

A ServiceAccount
B Replicasets
C Secrets
D Tokenreviews
E StatefulSet

You are diagnosing this log entry:
From Conjur logs:

Question Image

Given these errors, which problem is causing the breakdown?

A The Jenkins certificate chain is not trusted by Conjur.
B The Conjur certificate chain is not trusted by Jenkins.
C The JWT sent by Jenkins does not match the Conjur host annotations.
D The Jenkins certificate is malformed and will not be trusted by Conjur.

You are enabling synchronous replication on Conjur cluster.
What should you do?

A Execute this command on the Leader:docker exec <container-name> sh –c”evoke replication sync that*
B Execute this command on each Standby:docker exec <container-name> sh –c”evoke replication sync that*
C In Conjur web UI, click the Tools icon in the top right corner of the main window.Choose Conjur Cluster and click “Enable synchronous replication” in the entry for Leader.
D In Conjur web UI, click the Tools icon in the top right corner of the main window.Choose Conjur Cluster and click “Enable synchronous replication” in the entry for Standbys.

An application is having authentication issues when trying to securely retrieve credential’s from the Vault using the CCP webservices RESTAPI. CyberArk Support advised that further debugging should be enabled on the CCP server to output a trace file to review detailed logs to help isolate the problem.
What best describes how to enable debug for CCP?

A Edit web.config. change the “AIMWebServiceTrace” value, restart Windows Web Server (IIS)
B In the PVWA, go to the Applications tab, select the Application in question, go to Options > Logging and choose Debug.
C From the command line, run appprvmgr.exe update_config logging=debug.
D Edit the basic_appprovider.conf, change the “AIMWebServiceTrace" value, and restart the provider.

SECRET-SENPreview

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

That's the end of the Preview