AND ANSWERS GRADED A+
method works best for accounts that are used on machines that are part of a LDAP
directory or exist on know UNIX systems. - ✔✔Accounts Discovery
✔✔Which interval setting does the CPM use to manage one time passwords? -
✔✔Immediate Interval, use of a one time password is considered user initiated work
✔✔What does the dependencies column show in pending accounts? - ✔✔Any Windows
services or scheduled tasks that use this specific account
✔✔What are the four most common methods for onboarding accounts in CyberArk? -
✔✔1. Manual Entry through PVWA
2. Password Upload Utility
3. Accounts Discovery
4. Rest API
✔✔Once the Vault is hardened, which file would you edit to add new firewall rules? -
✔✔DBParm.ini
✔✔What permissions are required for the Entitlement Report? - ✔✔Manage users or
audit users
✔✔What two users are created locally during the PSM installation? - ✔✔PSM Admin
Connect: used by auditors to monitor live session
PSM Connect: used by end users to launch a session via the PSM
✔✔What's the purpose and permissions needed for Privileged Accounts Compliance
Status Report? - ✔✔- CPM status for each amount validates compliance with policy
- List accounts in all safes that are included in the report. View audit or confirm safe
request in safes that are configured for dual control. Membership of the PVWAMonitor
group, membership of auditors group
✔✔The DR module allows an integration with Enterprise Backup Solution. - ✔✔False
✔✔A list of active or non-active safes for activities over a specified period of time. -
✔✔Active/Non-active safes
✔✔What happens to accounts that do not match onboarding rules? - ✔✔They will be
listed in pending accounts
✔✔What version of CyberArk is the onboarding rules configuration available? - ✔✔10.2
and so on
, ✔✔What are the three safes created when the Vault is installed? - ✔✔- Notification
engine
- System
- Vault Internal
✔✔Which file would you modify to configure the Vault to send SNTP traps to your
monitoring solution? - ✔✔PARagent.ini
✔✔Tunnels session between the end user and the PSM proxy machine using a secure
web socket protocol (Port 443) - ✔✔HTML 5 Gateway
✔✔Which user is automatically given all safe authorizations on all safes? - ✔✔Master
✔✔Automatic onboarding rules apply to accounts without __________? -
✔✔Dependencies
✔✔In a DR solution, which components/services need to be active in the DR vault? -
✔✔CyberArk DR service and PrivateArk server
✔✔What are the four events PSM provides auditing? - ✔✔- SQL commands
- SSH keystrokes
- Windows titles
- Universal keystrokes
✔✔The Vault Internal Safe contains the configuration for an LDAP integration. -
✔✔True
✔✔To apply a new license file you must: - ✔✔Upload the license to the system safe
✔✔What is the name of the Password Upload Utility Parameter file? - ✔✔Conf.ini
✔✔How long can a safe name be? - ✔✔No more than 28 characters
✔✔This onboarding method works best for test accounts needed while developing
workflow process in the Vault and one of speciality accounts. - ✔✔Manual entry through
PVWA
✔✔What level of authentication does the Mater require? - ✔✔- Password
- Master CD
- Specified terminal