ANSWERS GRADED A+
✔✔What are three components of the Core PAS system? - ✔✔- Electronic Password
Vault (EPV)
- Privileged Session Manager (PSM)
- Privileged Threats Analytics (PTA)
✔✔The PTAUser requires what permissions on the PasswordManager_Pending safe? -
✔✔- List accounts
- View safe members
- Add accounts
- Update account content
- Update account properties
✔✔What would be a good use case for the Replicate module? - ✔✔Integration with a
Enterprise Backup Solution is required
✔✔Displays the licensed user types and objects in the Vault, the maximum number of
licenses for each, and the number of licenses used? - ✔✔License Capacity Report
✔✔What is the PTA designed to do? - ✔✔- Collect
- Detect
- Alert
- Respond
- Automate
✔✔- The main log of the PTA is located where?
- What is the name of the main PTA Log? - ✔✔-Opt/tomcat/logs/Diamond.log
- Diamond.log
✔✔Before restarting a Vault Machine that is part of a cluster it is highly recommended
to stop the node from what utility? - ✔✔Cluster Vault Management Utility
✔✔Name some examples of Kerberos attacks. - ✔✔- Over Pass the Hash
- DC Sync
- PAC attacks
- Golden ticket
✔✔What are the three types of account usages available? - ✔✔- Configuration file
- Windows registry
- Database string
, ✔✔What abuse or bypass of PAS does PTA monitor? - ✔✔- Unmanaged privileged
access
- Suspected credential theft
- Suspicious password change
- Suspicious activities detected in a privileged session (PSM)
✔✔During PSM installation, what groups or permissions are created and assigned to
the PSM safe? - ✔✔- PSM App Users: used to retrieve from the Vault, create recording
safes, upload recordings, etc.
- PSM Master: manages the safe where the recording are stored
- PSM GW_<Machine Name>: Gateway user through whichthe PSM user will access
the Vault to retrieve the target machine password
- PSMApp_<MachineName>: used by the PSM for internal processing
✔✔What are the two main categories of users and groups in the system? What do they
each do? - ✔✔Locally managed (CyberArk):
- Users that are created automatically in the Vault (built-in)
- Users that are added manually to the Vault
Transparent Managed (LDAP):
- Users that are automatically provisioned from an external directory
✔✔Where would you navigate to in order to configure email services? - ✔✔Options -
Setup Wizard - Email Notifications
✔✔How can Vault hardening be removed from server? - ✔✔Reinstall operating system
✔✔What permissions are required to run the Application Inventory Report? - ✔✔Audit
users
✔✔Users in the Auditors group are automatically added to all __________ with what
permissions? - ✔✔- Safes
- List
- View audit
- View safe members
✔✔The system safe allows access to the Vault configuration files. - ✔✔True
✔✔What permissions are required for Privileged Accounts Compliance Status Report? -
✔✔- List accounts
- View audit
- Confirm safe request
✔✔What are the two types of reports? - ✔✔- PrivateArk Report: intended for Vault
admins