marks4sure logo
A user needs to view recorded sessions through the PVWA.
Without giving auditor access, which safes does a user need access to view PSM recordings? (Choose two.)
You have been asked to delegate the rights to unlock users to Tier 1 support. The Tier 1 support team already has an LDAP group for its members.
Arrange the steps to do this in the correct sequence.
In your organization the “click to connect” button is not active by default.
How can this feature be activated?
You are logging into CyberArk as the Master user to recover an orphaned safe.
Which items are required to log in as Master?
Your organization requires all passwords be rotated every 90 days.
Where can you set this regulatory requirement?
What is required to enable access over SSH to a Unix account through both PSM and PSMP?
You are configuring a Vault HA cluster.
Which file should you check to confirm the correct drives have been assigned for the location of the Quorum and Safes data disks?
In addition to add accounts and update account contents, which additional permission on the safe is required to add a single account?
You have been asked to secure a set of shared accounts in CyberArk whose passwords will need to be used by end users. The account owner wants to be able to track who was using an account at any given moment.
Which security configuration should you recommend?
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be changed.
You created a new safe and need to ensure the user group cannot see the password, but can connect through the PSM.
Which safe permissions must you grant to the group? (Choose two.)
Which change could CyberArk make to the REST API that could cause existing scripts to fail?
The Vault administrator can change the Vault license by uploading the new license to the system Safe.
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
PSM for Windows (previously known as “RDP Proxy”) supports connections to the following target systems
It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?
You have been asked to turn off the time access restrictions for a safe.
Where is this setting found?
An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor’s machine makes an RDP connection the PSM server, which user will be used?
What are the minimum permissions to add multiple accounts from a file when using PVWA bulk-upload? (Choose three.)
Which statement is true about setting the reconcile account at the platform level?
In PVWA, you are attempting to play a recording made of a session by user jsmith, but there is no option to “Fast Forward” within the video. It plays and only allows you to skip between commands instead. You are also unable to download the video.
What could be the cause?
When a group is granted the 'Authorize Account Requests' permission on a safe Dual Control requests must be approved by
Which methods can you use to add a user directly to the Vault Admin Group? (Choose three.)
Due to corporate storage constraints, you have been asked to disable session monitoring and recording for 500 testing accounts used for your lab environment.
How do you accomplish this?
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
The Active Directory User configured for Windows Discovery needs which permission(s) or membership?
A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.
Which locations must you update?
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur
A Vault administrator have associated a logon account to one of their Unix root accounts in the vault. When attempting to verify the root account’s password the Central Policy Manager (CPM) will:
Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?
A user with administrative privileges to the vault can only grant other users privileges that he himself has.
You want to give a newly-created group rights to review security events under the Security pane. You also want to be able to update the status of these events.
Where must you update the group to allow this?
Match the Status of Service on a DR Vault to what is displayed when it is operating normally in Replication mode.
For Digital Vault Cluster in a high availability configuration, how does the cluster determine if a node is down?
The Privileged Access Management solution provides an out-of-the-box target platform to manage SSH keys, called UNIX Via SSH Keys.
How are these keys managed?
A user is receiving the error message “ITATS006E Station is suspended for User jsmith” when attempting to sign into the Password Vault Web Access (PVWA). Which utility would a Vault administrator use to correct this problem?
TESTED 20 Apr 2024
