PAM-SEN CyberArk Sentry PAM Questions and Answers
When performing “In Domain” hardening of a PSM server, which steps must be performed? (Choose two.)
Which statement is correct about CPM behavior in a distributed Vault environment?
Which keys are required to be present in order to start the PrivateArk Server Service? Select all that apply.
During the PSM installation process, Safes and a User are created.
In addition to Add Safes, Add/Update Users, Reset Users’ Passwords, and Activate Users, which authorization(s) does the Vault user installing the PSM need to enable them to be successfully created?
A customer has five main data centers with one PVWA in each center under different URLs.
How can you make this setup fault tolerant?
Which step is required to register a Vault manually in Amazon Web Services using CAVaultManager?
Which command should be executed to harden a Vault after registering it to Azure?
What authentication methods can be implemented to enforce Two-Factor Authentication (2FA) for users authenticating to CyberArk using both the PVWA (through the browser) and the PrivateArk Client?
The PrivateArk clients allows a user to view the contents of the vault like a filesystem.
A customer is moving from an on-premises to a public cloud deployment.
What is the best and most cost-effective option to secure the server key?
You have been asked to limit a platform called “Windows_Servers” to safes called “WindowsDC1” and “WindowsDC2”. The platform must not be assigned to any other safe.
What is the correct way to accomplish this?
A vault admin received an email notification that a password verification process has failed Which service sent the message?
Which of the following are prerequisites for installing PVWA Check all that Apply.
The RemoteApp feature of PSM allows seamless Application windows (i e the Desktop of the PSM server will not be visible)
CyberArk User Neil is trying to connect to the Target Linux server 192.168.1.164 using a domain account ACME/linuxuser01 on domain acme.corp using PSM for SSH server 192.168.65.145.
What is the correct syntax?
For redundancy, you want to add a secondary RADIUS server.
What must you do to accomplish this?
Which browser is supported for PSM Web Connectors developed using the CyberArk Plugin Generator Utility (PGU)?
Before the hardening process, your customer identified a PSM Universal Connector executable that will be required to run on the PSM.
Which file should you update to allow this to run?
Which component should be installed on the Vault if Distributed Vaults are used with PSM?
The security of the Vault Server is entirely dependent on the security of the network.
If a customer has one data center and requires fault tolerance, how many PVWAs should be deployed?
Which components can connect to a satellite Vault in a distributed Vault architecture?
You need to add a new PSM server to an existing CyberArk environment.
What is the best way to determine the sizing of this server?
In a SIEM integration it is possible to use the fully-qualified domain name (FQDN) when specifying the SIEM server address(es)
The account used to install a PVWA must have ownership of which safes? (Choose two.)
As a member of a PAM Level-2 support team, you are troubleshooting an issue related to load balancing four PVWA servers at two data centers. You received a note from your Level-1 support team stating “When testing PVWA website from a workstation, we noticed that the “Source IP of last sign-in” was shown as the VIP (Virtual IP address) assigned to the four PVWA servers instead of the workstation IP where the PVWA site was launched from.”
Which step should you take?
You want to improve performance on the CPM by restricting accounts for the CYBRWINDAD platform to only the WINDEMEA and WINDEMEA_Admin safes.
How do you set this in CyberArk?
What are the operating system prerequisites for installing CPM? Select all that apply.
PDF + Testing Engine
Testing Engine
PDF (Q&A)
