PAM-CDE-RECERT CyberArk CDE Recertification Questions and Answers
A newly created platform allows users to access a Linux endpoint. When users click to connect, nothing happens.
Which piece of the platform is missing?
A user with administrative privileges to the vault can only grant other users privileges that he himself has.
When running a “Privileged Accounts Inventory” Report through the Reports page in PVWA on a specific safe, which permission/s are required on that safe to show complete account inventory information?
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
PSM for Windows (previously known as “RDP Proxy”) supports connections to the following target systems
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
You are creating a Dual Control workflow for a team’s safe.
Which safe permissions must you grant to the Approvers group?
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
Which SMTP address can be set on the Notification Settings page to re-invoke the ENE setup wizard after the initial Vault installation.
What is a prerequisite step betore CyberArk can be configured to support RADIUS authentication?
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?
If a customer has one data center and requires high availability, how many PVWA's should be deployed.
Customers who have the ‘Access Safe without confirmation’ safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
To manage automated onboarding rules, a CyberArk user must be a member of which group?
An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor’s machine makes an RDP connection the PSM server, which user will be used?
You have been asked to limit a platform called "Wmdows_Servers" to safes called "WindowsDCT and "WindowsDC2" The platform must not be assigned to any other safe What is the correct way to accomplish this?
You have been asked to turn off the time access restrictions for a safe.
Where is this setting found?
Your organization requires all passwords be rotated every 90 days.
Where can you set this regulatory requirement?
You are configuring the vault to send syslog audit data to your organization's SIEM solution. What is a valid value for the SyslogServerProtocol parameter in DBPARM.ini file?
What is the maximum number of levels of authorization you can set up in Dual Control?
Time of day or day of week restrictions on when password verifications can occur configured in ____________________.
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.
Your customer, ACME Corp, wants to store the Safes Data in Drive D instead of Drive C.
Which file should you edit?
A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.
Which locations must you update?
When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?
When a group is granted the 'Authorize Account Requests' permission on a safe Dual Control requests must be approved by
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
Arrange the steps to restore a Vault using PARestore for a Backup in the correct sequence.
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.
Which browser is supported for PSM Web Connectors developed using the CyberArk Plugin Generator Utility (PGUP
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
To ensure all sessions are being recorded, a CyberArk administrator goes to the master policy and makes configuration changes.
Which configuration is correct?
Which Automatic Remediation is configurable for a PTA detection of a “Suspected Credential Theft”?
Which keys are required to be present in order to start the PrivateArk Server service?
Which of the following files must be created or configured m order to run Password Upload Utility? Select all that apply.
In addition to bit rate and estimated total duration of recordings per day, what is needed to determine the amount of storage required for PSM recordings?
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.
You are helping a customer prepare a Windows server for PSM installation. What is required for a successful installation?
You are installing PSM for SSH with AD-Bridge in CyberArkSSHD mode for your customer. ACME Corp What do you need to install to meet your customer's needs? (Choose 2)
PDF + Testing Engine
Testing Engine
PDF (Q&A)
