Pre-Summer Sale 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

ExamsBrite Dumps

CyberArk CDE-CPC Recertification Question and Answers

CyberArk CDE-CPC Recertification

Last Update Apr 15, 2026
Total Questions : 99

We are offering FREE CPC-CDE-RECERT CyberArk exam questions. All you do is to just go and sign up. Give your details, prepare CPC-CDE-RECERT free exam questions and then go for complete pool of CyberArk CDE-CPC Recertification test questions that will help you more.

CPC-CDE-RECERT pdf

CPC-CDE-RECERT PDF

$36.75  $104.99
 Add to Cart
CPC-CDE-RECERT Engine

CPC-CDE-RECERT Testing Engine

$43.75  $124.99
 Add to Cart
CPC-CDE-RECERT PDF + Engine

CPC-CDE-RECERT PDF + Testing Engine

$57.75  $164.99
 Add to Cart
Questions 1

Which statements accurately describe the process of LDAP integration with CyberArk Privilege Cloud Standard? (Choose two.)

Options:

A.  

Directory maps determine user or group creation within the Privilege Cloud Vault.

B.  

A tailored Python script is required to facilitate the LDAP server interaction.

C.  

Upon user login, their directory attributes are refreshed through the directory map.

D.  

For establishing a connection, the domain base context is not a prerequisite.

E.  

The LDAP BIND user requires domain administrative privileges for a successful connection.

Discussion 0
Questions 2

You want to add an additional maintenance user on the PSM for SSH. How can you accomplish this if InstallCyberArkSSHD is set to Integrated?

Options:

A.  

Create a local user and add it to the PSMP_MaintenanceUsers group.

B.  

Create a local user called proxymaster and add it to /etc/pam.d/auth-password.

C.  

Create a local user and add it to the group configured for the parameter AllowGroups in the /etc/ssh/sshd_config file.

D.  

Create a local user called psmpmng and add it to the PSMMaintenance group in /etc/pam.d/auth-password.

Discussion 0
Questions 3

Which tool configures the user object that will be used during the installation of the PSM for SSH component?

Options:

A.  

CreateUserPass

B.  

CreateCredFile

C.  

ConfigureCredFile

D.  

ConfigureUserPass

Discussion 0
Questions 4

Which option correctly describes the authentication differences between CyberArk Privilege Cloud and CyberArk PAM Self-Hosted?

Options:

A.  

CyberArk Privilege Cloud only provides a username and password authentication without third-party IdP integration; CyberArk PAM Self-Hosted uses traditional on-premises methods such as Windows and LDAP. but lacks modern protocols such as SAML or OIDC.

B.  

CyberArk Privilege Cloud uses cloud-based methods, integrating with CyberArk Identity for MFA. and supports SAML and OIDC; CyberArk PAM Self-Hosted depends on on-premises methods such as RADIUS and LDAP, but can adopt SAML or OIDC with additional setups.

C.  

CyberArk Privilege Cloud requires on-premises components for all authentication and does not support other cloud-based authentication protocols; CyberArk PAM Self-Hosted offers a wide array of methods, including support for SAML. OID

C.  

and other modern protocols, without needing on-premises components.

D.  

Both use the same authentication methods.

Discussion 0
Questions 5

Which components can be installed when running the Privilege Cloud Connector installation package? (Choose two.)

Options:

A.  

Privileged Session Manager (PSM)

B.  

Central Policy Manager (CPM)

C.  

Secure Tunnel

D.  

Central Credential Provider (CCP)

E.  

Privileged Session Manager for SSH (PSM for SSH)

Discussion 0
Questions 6

Arrange the steps to install passive CPM using Connector Management in the correct sequence

Options:

Discussion 0
Questions 7

Which statement best describes a PSM server's network requirements?

Options:

A.  

It must reach the target system using its native protocols.

B.  

It requires limited outbound connectivity to Ports 1858 and 443 only.

C.  

It requires direct access to the internet.

D.  

It requires broad inbound firewall rules and outbound traffic should be limited to Port 1858.

Discussion 0
Questions 8

During CPM hardening, which locally created users are granted Logon as a Service rights in the local group policy? (Choose 2.)

Options:

A.  

PasswordManager

B.  

PluginManagerUser

C.  

ScannerUser

D.  

PasswordManagerUser

E.  

CPMServiceAccount

Discussion 0
Questions 9

You are planning to configure Multi-Factor Authentication (MFA) for your CyberArk Privilege Cloud Shared Service. What are the available authentication methods?

Options:

A.  

LDAR RADIUS. SAML OpenID Connect (OIDC)

B.  

Windows. PKI. RADIUS. CyberArk, LDAP. SAML. OpenID Connect (OIDC)

C.  

Privilege Cloud Shared Services fully utilize CyberArk Identity and its MFA options.

D.  

Only RADIUS can be used to achieve MFA across all components, such as PSM for RDP and PSM for SSH.

Discussion 0
Questions 10

What must be specified when authenticating to Privilege Cloud during the Secure Tunnel install?

Options:

A.  

Vault IP Address

B.  

Subdomain or Customer ID

C.  

Privilege Cloud URL

D.  

CaseID

Discussion 0
Questions 11

What are dependencies to update or change the CPM credential? (Choose 2.)

Options:

A.  

APIKeyManager.exe

B.  

CreateCredFile.exe

C.  

CPM/nDomain_Hardening.ps1

D.  

CyberArk.TPC.exe

E.  

Data Execution Prevention

Discussion 0
Questions 12

What is a requirement for increasing the redundancy of PSMs?

Options:

A.  

Use a load balancer.

B.  

Set it by adding parameters to the basic_PSM.ini configuration file.

C.  

CPM must be in all data centers.

D.  

Install the Vault in an HA cluster.

Discussion 0
Questions 13

According to best practice, when considering the location of PSM Connector servers in Privilege Cloud environments, where should the PSM be placed?

Options:

A.  

near the CPM servers

B.  

near the target devices

C.  

near the Vault (closer to the external internet connection)

D.  

near the Users

Discussion 0
Questions 14

Which ports do the CyberArk Identity Connector require to be opened to support using Active Directory for LDAP authentication to Privileged Cloud Shared Services? (Choose two.)

Options:

A.  

TCP 636 from the connector host to the domain controller

B.  

TCP 443 from the connector host to the CyberArk Tenant

C.  

TCP 636 from the CyberArk Tenant to the domain controller

D.  

TCP 443 from the CyberArk Tenant to the connector host

E.  

TCP 636 from the domain controller to the CyberArk Tenant

Discussion 0
Questions 15

Which deployment criteria influences the CyberArk-provided hardening methods that need to be applied to CPM and PSM components?

Options:

A.  

“In Domain” and “Out of Domain”

B.  

“On Premises” and “On Cloud”

C.  

“Windows” and “Linux”

D.  

“Primary Privilege Cloud Connector” and “additional Privilege Cloud Connector”

Discussion 0
Questions 16

(Typing correction / missing stem noted)

Your last item only lists answer choices (no question text). Based on Privilege Cloud documentation, these choices most commonly appear with the question:

“Which tools can be used to upgrade Privilege Cloud Connector components (CPM/PSM)?” (Choose two.)

Options:

A.  

Connector Configurator

B.  

Connector Management Installer

C.  

Privilege Cloud Installer

D.  

Privilege Cloud Auto Installer

E.  

Component Installer

Discussion 0
Questions 17

What is determined by the MaxConcurrentConnections setting within a platform?

Options:

A.  

Maximum number of concurrent connections that can be opened between the CPM and the remote machines for the platform

B.  

Maximum number of concurrent connections that can be between the PSM and the remote machines for the platform

C.  

Maximum number of concurrent connections allowed for a specific account on the platform through the PSM

D.  

Maximum number of concurrent connections to the Vault allowed for sending audit activities relating to the platform

Discussion 0
Questions 18

What is the default username for the PSM for SSH maintenance user?

Options:

A.  

proxymng

B.  

psmp_maintenance

C.  

psmpmaintenanceuser

D.  

proxyusr

Discussion 0
Questions 19

You are configuring an integration to provision users based on LDAP directory services for Privilege Cloud Shared Services. Which component must first be installed and configured in the environment to support this?

Options:

A.  

CyberArk Identity Connector

B.  

Secure Tunnel

C.  

Privilege Cloud Connector

D.  

Linux Connector Server

Discussion 0
Questions 20

Which users are Privilege Cloud Standard built-in users? (Choose 2.)

Options:

A.  

NASCorp

B.  

saascorps

C.  

CyberArkAdmin

D.  

remoteAccessAppUser

E.  

PASReporterUser

Discussion 0
Questions 21

After the session has ended, where is the default final recording storage located?

Options:

A.  

CyberArk Privilege Cloud

B.  

Privilege Cloud Connector

C.  

Network attached storage

D.  

User workstation

Discussion 0
Questions 22

Arrange the steps to complete CPM Hardening for out-of-Domain deployment in the correct sequence.

Options:

Discussion 0
Questions 23

You want to improve performance on the CPM by restricting accounts for the CYBRWINDAD platform to only the WINDEMEA and WINDEMEA_ADMIN Safes. How do you set this in CyberArk?

Options:

A.  

In the CYBRWINDAD platform, under Automatic Password Management > General, configure AllowedSafes and set it to (WINDEMEA)|(WINDEMEA_ADMIN).

B.  

In the settings for Configuration/CPM assigned to the WINDEMEA and WINDEMEAADMIN Safes, configure AllowedSafes and set it to (WINDEMEA)|(WINDEMEAADMIN).

C.  

In the CYBRWINDAD platform, under UI & Workflows > Properties > Optional, configure AllowedSafes and set it to (WINDEMEA)|(WINDEMEA_ADMIN).

D.  

Modify cpm.ini on the relevant CPM(s) and add AllowedSafesCYBRWINDAD and set it to (WINDEMEA)|(WINDEMEAADMIN).

Discussion 0
Questions 24

What is the purpose of the PSM Health Check hardening?

Options:

A.  

Remove IIS settings which can be considered security vulnerabilities.

B.  

Validate that the PSM is ready to be placed behind a load balancer.

C.  

Confirm that the Windows Services for PSM are running on the server.

D.  

Ensure that the AppLocker script does not have any syntax errors.

Discussion 0
Questions 25

You plan to install Privilege Cloud Connectors on your AWS and Azure environments.

What is the maximum number of concurrent RDP/SSH sessions that each connector can handle for Large Implementations?

Options:

A.  

1-10

B.  

31-60

C.  

100

D.  

200

Discussion 0
Questions 26

You have been tasked with deploying a Privilege Cloud PSM for SSH connector When the initial installation has successfully completed, you create and permission several maintenance users to be used for administering the connector.

Which configuration file must be updated to define these maintenance users?

Options:

A.  

sshd.config

B.  

basic_psmpserver.conf

C.  

sshd_config

D.  

psmpparms

Discussion 0
Questions 27

A support team has asked you to provide the previous password for an account that had its password recently changed by the CPM. In which tab within the account's overview page can you retrieve this information?

Options:

A.  

Overview

B.  

Activities

C.  

Details

D.  

Versions

Discussion 0
Questions 28

Which file must you edit to ensure the PSM for SSH server is not hardened automatically after installation?

Options:

A.  

vault.ini

B.  

user.cred

C.  

psmpparms

D.  

psmgw.config

Discussion 0
Questions 29

What must be done to configure the syslog server IP address(es) for SIEM integration? (Choose 2.)

Options:

A.  

Submit a service request to CyberArk Support.

B.  

Update the syslog server IP address through the Privilege Cloud Portal.

C.  

Update the DBPARM.ini file with the correct syslog server IP address.

D.  

Update the vault.ini file with the correct syslog server IP address.

E.  

Configure the Secure Tunnel for SIEM integration.

Discussion 0