CYBERARK SENTRY QUIZ
What is the primary reason for installing more than one active Central Policy
Manager (CPM) - answer-Installing CPMs in multiple sites prevents complex
firewall rules to manage devices at remote sites
The Remote Desktop services role installed on PSM must be properly
licensed by Microsoft - answer-Yes, This is necessary and must be scoped
and purchased prior to project implementation
When using multiple CPMs, which one of the following Safes is shared is
shared by all CPMs - answer-PasswordManager_Pending
Which of the following is NOT a use case for installing multiple CPMs -
answer-Provide load-balancing capabilities when managing passwords on
target devices
The DR module allows an integration with enterprise backup software -
answer-False
Multiple CPM servers can be load balanced - answer-False
Multiple Vault Servers can be load balanced - answer-False
Multiple PVWA servers cvan be load balanced - answer-True
When working with the CyberArk High Availability Cluster, which services are
running on the passive node? - answer-Cluster Vault Manager
When working with the CyberArk DR solution, which services should be
running on the DR Vault - answer-CyberArk Vault Disaster Recovery (DR)
PrivateArk Database
Which service when failed does not mandate a failover and is considered
optional when working the CyberArk High Availability Cluster - answer-Event
Notification Engine
How does the Vault administrator configure the CyberArk Disaster Recovery
(DR) solution to perform automatic failover in case of failure in the Primary
Vault? - answer-By setting "EnableFailover=yes" in the padr.ini file
When working with the CyberArk Cluster, the Virtual IP is used by: - answer-
The CyberArk component to communicate with the Vault Cluster over the
public network
, In a Distributed Vault environment, which of the following component will
NOT be communicating with the Satellite Vaults? - answer-Central Policy
Manager
In a DR environment, which of the following should NEVER be configured for
automatic failover due to the possibility of split-brain phenomenon - answer-
CPM
To support a fault tolerant and high-availability architecture, the PVWA
servers must to be configured to communicate with the Primary
Vault/Satellite Vaults. Which file needs to be changed on the PVWA to enable
this setup? - answer-Vault.ini
The Vault does NOT support dual factor authentication - answer-False
A SMTP integration allows the Vault administrator to forward audit records
from the Vault to the Security Information and Event Management [SIEM] -
answer-False
A SNMP integration allows the Vault administrator to forward audit records
from the Vault to the Security Information and Event Management [SIEM] -
answer-False
Which file is used to open up a non-standard firewall port to the Vault? -
answer-DBParm.ini
When accessing the Vault via PVWA, is it possible to configure multiple dual
authentication methods? - answer-Yes, authentication methods will be
configured to use the combination of IIS and Vault integrated authentication
flow
Which file is used to integrate the Vault with the RADIUS server? - answer-
dbparm.ini
If a transparent user matches two different directory mappings, how does
the system determine which user template to use? - answer-The system will
use the template for the mapping listed first.
Where does the Vault administrator configure in PVWA the FQDN of the
domain controller during LDAP/S integration - answer-PVWA > Administration
> LDAP Integration
The Vault can only integrate with a single security information and event
management [SIEM] or SYSLOG server. - answer-False
What is the primary reason for installing more than one active Central Policy
Manager (CPM) - answer-Installing CPMs in multiple sites prevents complex
firewall rules to manage devices at remote sites
The Remote Desktop services role installed on PSM must be properly
licensed by Microsoft - answer-Yes, This is necessary and must be scoped
and purchased prior to project implementation
When using multiple CPMs, which one of the following Safes is shared is
shared by all CPMs - answer-PasswordManager_Pending
Which of the following is NOT a use case for installing multiple CPMs -
answer-Provide load-balancing capabilities when managing passwords on
target devices
The DR module allows an integration with enterprise backup software -
answer-False
Multiple CPM servers can be load balanced - answer-False
Multiple Vault Servers can be load balanced - answer-False
Multiple PVWA servers cvan be load balanced - answer-True
When working with the CyberArk High Availability Cluster, which services are
running on the passive node? - answer-Cluster Vault Manager
When working with the CyberArk DR solution, which services should be
running on the DR Vault - answer-CyberArk Vault Disaster Recovery (DR)
PrivateArk Database
Which service when failed does not mandate a failover and is considered
optional when working the CyberArk High Availability Cluster - answer-Event
Notification Engine
How does the Vault administrator configure the CyberArk Disaster Recovery
(DR) solution to perform automatic failover in case of failure in the Primary
Vault? - answer-By setting "EnableFailover=yes" in the padr.ini file
When working with the CyberArk Cluster, the Virtual IP is used by: - answer-
The CyberArk component to communicate with the Vault Cluster over the
public network
, In a Distributed Vault environment, which of the following component will
NOT be communicating with the Satellite Vaults? - answer-Central Policy
Manager
In a DR environment, which of the following should NEVER be configured for
automatic failover due to the possibility of split-brain phenomenon - answer-
CPM
To support a fault tolerant and high-availability architecture, the PVWA
servers must to be configured to communicate with the Primary
Vault/Satellite Vaults. Which file needs to be changed on the PVWA to enable
this setup? - answer-Vault.ini
The Vault does NOT support dual factor authentication - answer-False
A SMTP integration allows the Vault administrator to forward audit records
from the Vault to the Security Information and Event Management [SIEM] -
answer-False
A SNMP integration allows the Vault administrator to forward audit records
from the Vault to the Security Information and Event Management [SIEM] -
answer-False
Which file is used to open up a non-standard firewall port to the Vault? -
answer-DBParm.ini
When accessing the Vault via PVWA, is it possible to configure multiple dual
authentication methods? - answer-Yes, authentication methods will be
configured to use the combination of IIS and Vault integrated authentication
flow
Which file is used to integrate the Vault with the RADIUS server? - answer-
dbparm.ini
If a transparent user matches two different directory mappings, how does
the system determine which user template to use? - answer-The system will
use the template for the mapping listed first.
Where does the Vault administrator configure in PVWA the FQDN of the
domain controller during LDAP/S integration - answer-PVWA > Administration
> LDAP Integration
The Vault can only integrate with a single security information and event
management [SIEM] or SYSLOG server. - answer-False
