CyberArk Defender - PAM
Last Update Apr 28, 2024
Total Questions : 239
We are offering FREE PAM-DEF CyberArk exam questions. All you do is to just go and sign up. Give your details, prepare PAM-DEF free exam questions and then go for complete pool of CyberArk Defender - PAM test questions that will help you more.
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?
A user with administrative privileges to the vault can only grant other users privileges that he himself has.
You have been asked to create an account group and assign three accounts which belong to a cluster. When you try to create a new group, you receive an unauthorized error; however, you are able to edit other aspects of the account properties.
Which safe permission do you need to manage account groups?
A user needs to view recorded sessions through the PVWA.
Without giving auditor access, which safes does a user need access to view PSM recordings? (Choose two.)
What are the minimum permissions to add multiple accounts from a file when using PVWA bulk-upload? (Choose three.)
A user is receiving the error message “ITATS006E Station is suspended for User jsmith” when attempting to sign into the Password Vault Web Access (PVWA). Which utility would a Vault administrator use to correct this problem?
You are configuring a Vault HA cluster.
Which file should you check to confirm the correct drives have been assigned for the location of the Quorum and Safes data disks?
In the Private Ark client under the Tools menu > Administrative Tools > Users and Groups, which option do you use to update users’ Vault group memberships?
You are creating a Dual Control workflow for a team’s safe.
Which safe permissions must you grant to the Approvers group?
A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.
Which locations must you update?
What is required to enable access over SSH to a Unix account through both PSM and PSMP?
Which accounts can be selected for use in the Windows discovery process? (Choose two.)
Which Automatic Remediation is configurable for a PTA detection of a “Suspected Credential Theft”?
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
You have been given the requirement that certain accounts cannot have their passwords updated during business hours.
How can you set up a configuration to meet this requirement?
Which of the following files must be created or configured m order to run Password Upload Utility? Select all that apply.
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.
A new HTML5 Gateway has been deployed in your organization.
Where do you configure the PSM to use the HTML5 Gateway?
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be changed.
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?
To manage automated onboarding rules, a CyberArk user must be a member of which group?
Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?
Which Vault authorization does a user need to have assigned to able to generate the "Entitlement Report" from the reports page in PVWA? (Choose two.)
According to CyberArk, which issues most commonly cause installed components to display as disconnected in the System Health Dashboard? (Choose two.)
Arrange the steps to restore a Vault using PARestore for a Backup in the correct sequence.
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
Your organization requires all passwords be rotated every 90 days.
Where can you set this regulatory requirement?
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
What is the maximum number of levels of authorization you can set up in Dual Control?
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.
A new HTML5 Gateway has been deployed in your organization.
From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.
Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?
In your organization the “click to connect” button is not active by default.
How can this feature be activated?
Ad-Hoc Access (formerly Secure Connect) provides the following features. Choose all that apply.
You want to give a newly-created group rights to review security events under the Security pane. You also want to be able to update the status of these events.
Where must you update the group to allow this?
When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online.
Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.
In a rule using “Privileged Session Analysis and Response” in PTA, which session options are available to configure as responses to activities?
When the CPM connects to a database, which interface is most commonly used?
When Dual Control is enabled a user must first submit a request in the Password Vault Web Access (PVWA) and receive approval before being able to launch a secure connection via PSM for Windows (previously known as RDP Proxy).
What must you specify when configuring a discovery scan for UNIX? (Choose two.)
Which CyberArk utility allows you to create lists of Master Policy Settings, owners and safes for output to text files or MSSQL databases?
Which of the following PTA detections are included in the Core PAS offering?
During a High Availability node switch you notice an error and the Cluster Vault Manager Utility fails back to the original node.
Which log files should you check to investigate the cause of the issue? (Choose three.)
You have been asked to turn off the time access restrictions for a safe.
Where is this setting found?
Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.
Which steps should you perform to restore DR replication to normal?
Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.