CyberArk Defender - PAM & Sentry - PAM (PAM-DEF-SEN) Free Practice Test

Question 1

What is the purpose of the PrivateArk Database service?

A. Maintains Vault metadata.

B. Executes password changes

C. Sends email alerts from the vault ID.

D. Communicates with components.

Correct Answer: C

Question 2

After the Vault server is installed, the Microsoft Windows firewall is now commandeered by the Vault. Can the administrator change these firewall rules?

A. Yes, the administrator can still modify firewall rules via the Windows firewall interface.

B. Yes, but the administrator can only modify the firewall rules by editing the dbparm.ini file and the restarting the Vault.

C. Yes, but the administrator can only modify the firewall rules by editing the FirewallRules.ini file and the restarting the Vault.

D. No, the Vault does not permit any changes to the firewall due to security requirements.

Correct Answer: B

Question 3

Can you forward audit records to your monitoring solution via SIEM integration?

A. No

B. Yes

Correct Answer: B

Question 4

Any user can monitor live sessions in real time when initiating RDP connection via Secure Connect through PSM.

A. False

B. True

Correct Answer: A

Question 5

Time of day of week restrictions on when password changes can occur are configured in ________________.

A. The Platform settings

B. The Safe settings

C. The Account Details

D. The Master Policy

Correct Answer: A

Question 6

What are the functions of the Remote Control Agent service? (Choose all that apply.)

A. Sends SNMP traps from the Vault

B. Allows remote monitoring of the Vault

C. Maintains audit data

D. Allows CyberArk Services to be managed (start/stop/status) remotely

Correct Answer: A,B,D

Question 7

When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?

A. PasswordManager_Pending

B. PasswordManager_workspace

C. PasswordManagerSharedSafe

D. PasswordManager_ADInternal

Correct Answer: C

Question 8

What values are acceptable in the address field on the Accounts Details.

A. Any name that is resolvable on the CPM server is acceptable

B. It must be an IP address

C. It must be NetBIOS name

D. It must be a fully qualified domain name (FQDN)

Correct Answer: A

Question 9

When the PSM Gateway (also known as the HTML5 ( End Point in order to launch connections via the PSM

A. True

B. False, when the PSM Gateway is implemented, the user only requires a browser in order launch a connection via the PSM

Correct Answer: B

Question 10

When managing SSH keys, the CPM stores the Public Key ________________.

A. On the target server

B. Nowhere because the public key can always be generated from the private key

C. A & B

D. In the Vault

Correct Answer: A

Question 11

In accordance with best practice. SSH access is denied for root accounts on UNIX/LINUX systems.
What is the BEST way to allow CPM to manage root accounts?

A. Create a privileged account on the target server Allow this account the ability to SSH directly from the CPM machine Configure this account as the Reconcile account of the target server's root account.

B. Configure the Unix system to allow SSH logins.

C. Create a non-privileged account on the target server Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account

D. Configure the CPM to allow SSH logins

Correct Answer: C

Question 12

The Password upload utility can be used to create safes.

A. FALSE

B. TRUE

Correct Answer: B

Question 13

Which is the correct order of installation for PAS components?

A. PVWA, Vault, CPM. PSM

B. Vault. CPM. PVWA. PSM

C. CPM, Vault. PSM. PVWA

D. Vault, CPM. PSM, PVWA

Correct Answer: B

Question 14

Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

A. FALSE

B. TRUE

Correct Answer: A

Question 15

It is impossible to override Master Policy settings for a Platform

A. FALSE

B. TRUE

Correct Answer: A

Welcome to TestSimulate

CyberArk Defender - PAM & Sentry - PAM (PAM-DEF-SEN) Free Practice Test