marks4sure logo
Which combination of Safe member permissions will allow end users to log in to a remote machine transparently but NOT show or copy the password?
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?
Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests.
Which of the following PTA detections require the deployment of a Network Sensor or installing the PTA Agent on the domain controller?
Match the Status of Service on a DR Vault to what is displayed when it is operating normally in Replication mode.
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?
Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?
A new HTML5 Gateway has been deployed in your organization.
Where do you configure the PSM to use the HTML5 Gateway?
As vault Admin you have been asked to configure LDAP authentication for your organization's CyberArk users. Which permissions do you need to complete this task?
If a customer has one data center and requires high availability, how many PVWA's should be deployed.
You are installing HTML5 gateway on a Linux host using the RPM provided. After installing the Tomcat webapp, what is the next step in the installation process?
Which of the Following can be configured in the Master Poky? Choose all that apply.
Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?
Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?
Which option in the Private Ark client is used to update users’ Vault group memberships?
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.
Which steps should you perform to restore DR replication to normal?
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.
Which CyberArk group does a user need to be part of to view recordings or live monitor sessions?
You are onboarding 5,000 UNIX root accounts for rotation by the CPM. You discover that the CPM is unable to log in directly with the root account and will need to use a secondary account.
How should this be configured to allow for password management using least privilege?
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?
Which service should NOT be running on the DR Vault when the primary Production Vault is up?
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
You have been asked to configure SNMP remote monitoring for your organization's Vault servers. In the PARAgent.ini, which parameter specifies the destination of the Vault SNMP Traps?
You have been asked to turn off the time access restrictions for a safe.
Where is this setting found?
A user has successfully conducted a short PSM session and logged off. However, the user cannot access the Monitoring tab to view the recordings.
What is the issue?
Which parameters can be used to harden the Credential Files (CredFiles) while using CreateCredFile Utility? (Choose three.)
You are creating a Dual Control workflow for a team’s safe.
Which safe permissions must you grant to the Approvers group?
Via Password Vault Web Access (PVWA), a user initiates a PSM connection to the target Linux machine using RemoteApp. When the client’s machine makes an RDP connection to the PSM server, which user will be utilized?
When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur
A Vault administrator have associated a logon account to one of their Unix root accounts in the vault. When attempting to verify the root account’s password the Central Policy Manager (CPM) will:
You are onboarding an account that is not supported out of the box.
What should you do first to obtain a platform to import?
Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor’s machine makes an RDP connection the PSM server, which user will be used?
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.
TESTED 26 Apr 2024
