Cyber Ark Sentry Exam 100% CORRECT SOLUTIONS VERIFIED

Cyber Ark Sentry Exam 100% CORRECT SOLUTIONS VERIFIED Core Privileged Access Security (PAS) Components - ANSWER EPV + PSM +PTA Enterprise Password Vault (EPV) = - ANSWER Digital Vault + PVWA + CPM EPV - ANSWER Enterprise Password Vault Enterprise Password Vault - ANSWER A hardened and secured digital vault used to store privileged account information. CPM - ANSWER Central Policy Manager Central Policy Manager - ANSWER Performs password changes and SSH key rotations on devices based on the policies set by Vault Administrators. PVWA - ANSWER Password Vault Web Access Password Vault Web Access - ANSWER The web interface used by Administrators to perform administrative tasks and by end users to gain access to privileged account information. PSM - ANSWER Privileged Session Management Privileged Session Management - ANSWER Prevent cyber attacks by isolating desktops from sensitive target machines. Creates accountability and control over privileged session access with policies, workflows, and privileged single sign on. Delivers continuous monitoring and compliance with session recordings with zero footprint on target machines. CPM and PVWA Information Exchange - ANSWER Do not exchange policy information directly. Policy changes are saved to the Vault. Each component refreshes its local cache of policies via the VPN. PVWA/CPM Port - ANSWER TCP/443 Possible Reasons for Multiple CPMs - ANSWER Isolated network segments WAN link latency Scalability Eight Security Controls of CyberArk - ANSWER 1. Isolate and harden the digital vault server 2. Use 2-factor authentication 3. Restrict access to component servers 4. Limit privileges and points of administration 5. Protect sensitive accounts and encryption keys 6. Use secure protocols 7. Monitor logs for irregularities 8. Create and periodically test a DR plan What types of attacks does isolating the digital vault server protect against? - ANSWER Pass-the-hash and golden ticket (leverage Kerberos protocol) Principles of Isolating and Hardening the Digital Vault Server - ANSWER 1. Not be and never have been a member of a Windows domain 2. No third-party software 3. Network traffic is restricted to CyberArk protocols 4. Physical servers What types of attacks does two-factor authentication protect against? - ANSWER Key loggers or more advanced tools that are capable of harvesting plaintext passwords Principles of Restricting Access to Component Servers - ANSWER 1. Consider installing each one on a dedicated physical server 2. Consider installing on workgroup rather than domain joined servers 3. Do not install non-CyberArk applications on the component servers 4. Limit the accounts that can access component servers and ensure that any domain accounts used to access CyberArk servers are unable to access domain controllers 5. Use network-based firewalls and IPsec to restrict, encrypt, and authenticate inbound administrative traffic 6. Use the PSM and the local admin account to access component servers 7. Deploy application whitelisting and limit execution to authorized applications Why do you limit the number of privileged accounts and the extent of their privileges? - ANSWER Reduces the overall privileged account attack surface. Principles of Limiting Privileges and Points of Administration - ANSWER 1. Reduce privileges of CyberArk admin accounts 2. Eliminate unnecessary CyberArk admin accounts 3. CyberArk admins should not have access to all credentials 4. Require privilege elevation (Dual Control/Ticketing Integration) 5. Use the PSM to isolate and monitor CyberArk administration 6. Require 2-factor authentication for all avenues of admin access CyberArk Internal Admin Accounts - ANSWER Administrator account Master user account Vault Encryption Keys - ANS