CYBERARK DEFENDER PREPQUESTIONS
Which values are acceptable in the address field of an Account?
Any name that is resolvable on the Central Policy Manager (CPM) server is acceptable
The Accounts Feed contains:
Accounts that were discovered by CyberArk in the last 30 days.
Accounts Discovery allows secure connections to domain controllers
True
What is considered a proactive onboarding method?
A Rest API integration with account provisioning software
When creating an onboarding rule, it will be executed upon
Any future accounts discovered by a discovery process
What are the functions of the Remote Control Agent service?
- Allows remote monitoring of the vault
- Sends SNMP traps from the vault
- Allows CyberArk services to be managed (start/stop/status) remotely
The Vault administrator can change the Vault license by uploading the new license to
the system Safe
True
CyberArk implements license limits by controlling the number and types of users that
can be provisioned in the Vault
True
PSM for Windows (previously known as RDP Proxy) supports connections to which
target systems?
- Windows
- Unix
- Oracle
PSM for SSH (previously known as PSM-SSH Proxy) supports connections to which
target systems?
Unix
Within the Vault each password is encrypted by:
, Its own unique key
Which utilities could a Vault administrator use to change debugging levels on the Vault
without having to restart the Vault?
- PAR Agent
- PrivateArk Server Central Administration
How does the Vault administrator apply a new license file?
Upload the license.xml file to the system Safe
Which keys are required to be present in order to start the Private Ark Server service?
- Recovery public key
- Server key
What is the purpose of the CyberArk Event Notification Engine service?
It sends email messages from the Vault
What is the purpose of the PrivateArk Database service?
Maintains Vault metadata
What is the purpose of the PrivateArk Server Service?
Makes Vault data accessible to the components
What is the best practice for storing the Master CD?
Store the CD in a secure location, such as a physical safe
What are secure options for storing the contents of the Operator CD, while still allowing
the contents to be accessible upon a planned Vault restart?
- Store the CD in a physical safe and mount the CD every time Vault maintenance is
performed
- Copy the entire contents of the CD to a folder on the Vault Server and secure it with
NTFS permissions
- Store the server key in a Hardware Security Module (HSM) and copy the rest of the
keys from the CD to a folder on the Vault Server and secure it with NTFS permissions
Which service should NOT be running on the DR Vault when the primary Production
Vault is up?
PrivateArk Server
Which of the following logs contains information about errors related to PTA?
diamond.log
Which values are acceptable in the address field of an Account?
Any name that is resolvable on the Central Policy Manager (CPM) server is acceptable
The Accounts Feed contains:
Accounts that were discovered by CyberArk in the last 30 days.
Accounts Discovery allows secure connections to domain controllers
True
What is considered a proactive onboarding method?
A Rest API integration with account provisioning software
When creating an onboarding rule, it will be executed upon
Any future accounts discovered by a discovery process
What are the functions of the Remote Control Agent service?
- Allows remote monitoring of the vault
- Sends SNMP traps from the vault
- Allows CyberArk services to be managed (start/stop/status) remotely
The Vault administrator can change the Vault license by uploading the new license to
the system Safe
True
CyberArk implements license limits by controlling the number and types of users that
can be provisioned in the Vault
True
PSM for Windows (previously known as RDP Proxy) supports connections to which
target systems?
- Windows
- Unix
- Oracle
PSM for SSH (previously known as PSM-SSH Proxy) supports connections to which
target systems?
Unix
Within the Vault each password is encrypted by:
, Its own unique key
Which utilities could a Vault administrator use to change debugging levels on the Vault
without having to restart the Vault?
- PAR Agent
- PrivateArk Server Central Administration
How does the Vault administrator apply a new license file?
Upload the license.xml file to the system Safe
Which keys are required to be present in order to start the Private Ark Server service?
- Recovery public key
- Server key
What is the purpose of the CyberArk Event Notification Engine service?
It sends email messages from the Vault
What is the purpose of the PrivateArk Database service?
Maintains Vault metadata
What is the purpose of the PrivateArk Server Service?
Makes Vault data accessible to the components
What is the best practice for storing the Master CD?
Store the CD in a secure location, such as a physical safe
What are secure options for storing the contents of the Operator CD, while still allowing
the contents to be accessible upon a planned Vault restart?
- Store the CD in a physical safe and mount the CD every time Vault maintenance is
performed
- Copy the entire contents of the CD to a folder on the Vault Server and secure it with
NTFS permissions
- Store the server key in a Hardware Security Module (HSM) and copy the rest of the
keys from the CD to a folder on the Vault Server and secure it with NTFS permissions
Which service should NOT be running on the DR Vault when the primary Production
Vault is up?
PrivateArk Server
Which of the following logs contains information about errors related to PTA?
diamond.log
