FULL QUESTIONS AND ANSWERS GRADED A+
◉ The PTA can be configured to terminate and suspend sessions.
Answer: True, though typically only in the case of high risk activity
◉ Platform Settings are applied to __________? Answer: Individual
Accounts
◉ What are the secure options for storing the contents of the
operator CD, while still being able to allows the contents of the Vault
during a planned restart? Answer: - Store the CD in a physical safe
and mount the CD every time maintenance is performed
- Copy the contents of the CD to a folder on the Vault server and
secure it with NTFS permissions
- Store the server key in a HSM
◉ Can two vaults be load balanced with external load balancer?
Answer: No
◉ What file do you figure to set the Radius server? Answer:
DBParm.ini
,◉ Where would you install the Password Upload Utility in your
environment? Answer: The utility does not require installation
◉ What status and privileges must the CPM have for all safes?
Answer: Must be an owner with:
- Monitor
- Retrieve
- Store
- Delete
◉ Access control is done by? Answer: Safes
◉ Vault Server/CyberArk allows integration of only SYSLog or SIEM?
Answer: False
◉ Once the Vault is hardened, how do you add a non-standard
firewall rule? Answer: Edit the DParm.ini file
◉ The Master User has full __________ and __________ authorizations.
Can these be removed by the Administrator? Answer: Safe and Vault,
No authorization cannot be removed
◉ The DR module allows an Integration with Enterprise Backup
Software. Answer: False
,◉ Who/What has access to a newly created safe? Answer: The
associated CPM and the creator of the safe.
◉ By running deep packet inspection, what type of Kerberos attacks
can the PTA detect in real time? Answer: - Pass the Hash
- PAC Attack
- Golden Ticket
- DC Sync
◉ Older sessions are analyzed in PTA and trigger security incidents.
Answer: False, only current PSM sessions are analyzed by the PTA
◉ File used to configure the physical disks used to store Vault Data.
Answer: TSParm.ini
◉ User configuration is available in the PVWA. Answer: False
◉ Designed to provide a native Unix/Linux user experience,
connecting to any SSH Target System Answer: PSM for SSH (PSM SSH
Proxy)
◉ Detecting Kerberos attacks are included in the Core PAS Solution
Answer: False
, ◉ Report that shows CPM status for each account. Answer:
Privileged Accounts Compliance Status Report
◉ Kerberos attacks are included in the Core PAS solution. Answer:
False
◉ What are the three primary goals of the PSM? Answer: Isolate,
Control, and Monitor
◉ Basic PSM file that contains the information required to start the
PSM. Answer: Basic_psm.ini
◉ Name two ways of viewing the ITALog Answer: - Log onto the
Vault, navigate to server folder under the PrivateArk Install location
- Access the system safe from the PrivateArk client
◉ What does CyberArk use to manage access control? Answer: Safes
◉ The account credentials used for connection with the PSM, must
be stored in the Vault. Answer: False, the user can also enter the
credentials manually via SecureConnect