Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

In a Disaster Recovery (DR) environment, which of the following should NEVER be configured for automatic failover due to the possibility of split-brain phenomenon?

A.

Password Vault Web Access (PVWA)

B.

PSM

C.

CPM

D.

PTA

Full Access
Question # 5

To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers need to be configured to communicate with the Primary Vault and Satellite Vaults. What file needs to be changed on the PVWA to enable this setup?

A.

Vault.ini

B.

dbparm.ini

C.

pvwa.ini

D.

Satellite.ini

Full Access
Question # 6

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

A.

True

B.

False

Full Access
Question # 7

Which file is used to configure new firewall rules on the Vault?

A.

firewall.ini

B.

PARagent.ini

C.

dbparm.ini

D.

padr.ini

Full Access
Question # 8

Multiple PVWA servers provide automatic load balancing.

A.

TRUE

B.

FALSE

Full Access
Question # 9

What values are acceptable in the address field on the Accounts Details.

A.

It must be a fully qualified domain name (FQDN)

B.

It must be an IP address

C.

It must be NetBIOS name

D.

Any name that is resolvable on the CPM server is acceptable

Full Access
Question # 10

Which Master Policy?

A.

Password Expiration Time

B.

Enabling and Disabling of the Connection Through the PSM

C.

Password Complexity

D.

The use of "One-Time-Passwords"

Full Access
Question # 11

How does the Vault administrator configure the CyberArk Disaster Recovery (DR) solution to perform automatic failover in case of failure in the Primary Vault?

A.

By setting "EnableFailover=yes" in the padr.ini file

B.

By setting "EnableFailover=yes" in the dbparm.ini file

C.

By setting "FailoverMode=yes" in the padr.ini file

D.

By setting "FailoverMode=yes" in the dbparm.ini file

Full Access
Question # 12

The Remote Desktop Services role must be property licensed by Microsoft.

A.

TRUE

B.

FALSE

Full Access
Question # 13

Match the log file name with the CyberArk Component that generates the log.

Full Access
Question # 14

Ad-Hoc Access (formerly Secure Connect) provides the following features. (Choose all that apply.)

A.

PSM connections to target devices that are not managed by CyberArk

B.

Session Recording

C.

Real-time live session monitoring

D.

PSM connections from a terminal without the need to login to the PVWA

Full Access
Question # 15

What is the proper way to allow the Vault to resolve host names?

A.

Define a DNS server

B.

Define a WINS server

C.

Defining the local hosts file

D.

The Vault cannot resolve host names due to security standards

Full Access
Question # 16

After the Vault administrator configures syslog integration on the Vault, the Vault will be able to.

A.

forward ITALOG records to Security Information and Event Management (SIEM).

B.

send out Simple Network Management Protocol (SNMP) traps.

C.

forward audit records to Security Information and Event Management (SIEM).

D.

forward emails to SIEM.

Full Access
Question # 17

Which type of automatic remediation can be performed by the PTA in case of a suspicious password change security event?

A.

Password change

B.

Password reconciliation

C.

Session suspension

D.

Session termination

Full Access
Question # 18

When the PSM Gateway (also known as the HTML5 Gateway) is implemented, users must have an RDP client, such as MSTSC, installed on their endpoint in order to launch connections via the PSM.

A.

True

B.

False. When the PSM Gateway is implemented, the user only requires a browser in order launch a connection via the PSM.

Full Access
Question # 19

Time of day of week restrictions on when password changes can occur are configured in ________________.

A.

The Master Policy

B.

The Platform settings

C.

The Safe settings

D.

The Account Details

Full Access
Question # 20

Accounts Discovery allows secure connections to domain controllers.

A.

True

B.

False

Full Access
Question # 21

Which one of the built-in Vault users is not automatically added to the safe when it is first created in PVWA?

A.

Master

B.

Administrator

C.

Auditor

D.

Operator

Full Access
Question # 22

For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure access a password without approval

A.

Create an exception to the Master Policy to exclude the group from the workflow process.

B.

Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.

C.

On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.

D.

On the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization

Full Access
Question # 23

Multiple PVWA servers can be load balanced.

A.

TRUE

B.

FALSE

Full Access
Question # 24

A logon account can be specified in the platform settings.

A.

True

B.

False

Full Access
Question # 25

Which parameter controls how often the CPM looks for Exclusive Passwords that need to be changed?

A.

HeadStartInterval

B.

Interval

C.

ImmediateInterval

D.

The CPM does not change the password under this circumstance

Full Access
Question # 26

Which file is used to integrate the Vault with the RADIUS server?

A.

radius.ini

B.

PARagent.ini

C.

ENEConf.ini

D.

dbparm.ini

Full Access
Question # 27

When managing SSH keys, the Central Policy Manager (CPM) stores the private key.

A.

in the Vault

B.

on the target server

C.

in the Vault and on the target server

D.

nowhere because the private key can always be generated from the public key

Full Access
Question # 28

PSM requires the Remote Desktop Gateway role service.

A.

TRUE

B.

FALSE

Full Access
Question # 29

CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.

A.

TRUE

B.

FALSE

Full Access
Question # 30

During LDAP/S integration you should specify the Fully Qualified Domain Name (FQDN) of the Domain Controller

A.

TRUE

B.

FALSE

Full Access
Question # 31

The vault server uses a modified version of the Microsoft Windows firewall

A.

TRUE

B.

FALSE

Full Access
Question # 32

The PSM Gateway (also known as the HTML5 Gateway) can be installed

A.

True

B.

False, the PSM Gateway must be installed on a separate Windows machine

Full Access
Question # 33

tsparm.ini is the main configuration file for the vault.

A.

TRUE

B.

FALSE

Full Access
Question # 34

The Vault needs to send SNMP traps to your SNMP solution, which file is used to configure the IP address of

the SNMP server?

A.

snmp.ini

B.

dbparm.ini

C.

ENEConf.ini

D.

PARAgent.ini

Full Access
Question # 35

What is the process to remove object level access control from a Safe?

A.

Uncheck the 'Enable Object Level Access Control' on the Safe Details page in the PVWA.

B.

Uncheck the 'Enable Object Level Access Control' box in the Safe Properties in PrivateArk.

C.

This cannot be done.

D.

Remove all ACLs from the Safe.

Full Access