Exact2Pass
What must you specify when configuring a discovery scan for UNIX? (Choose two.)
A password compliance audit found:
1) One-time password access of 20 domain accounts that are members of Domain Admins group in Active Directory are not being enforced.
2) All the sessions of connecting to domain controllers are not being recorded by CyberArk PSM.
What should you do to address these findings?
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)
A Vault Administrator team member can log in to CyberArk, but for some reason, is not given Vault Admin rights.
Where can you check to verify that the Vault Admins directory mapping points to the correct AD group?
The Active Directory User configured for Windows Discovery needs which permission(s) or membership?
Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?
In PVWA, you are attempting to play a recording made of a session by user jsmith, but there is no option to “Fast Forward” within the video. It plays and only allows you to skip between commands instead. You are also unable to download the video.
What could be the cause?
What is the maximum number of levels of authorization you can set up in Dual Control?
Which of the following logs contains information about errors related to PTA?
Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
How much disk space do you need on a server to run a full replication with PAReplicate?
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
PSM for Windows (previously known as “RDP Proxy”) supports connections to the following target systems
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
An auditor needs to login to the PSM in order to live monitor an active session. Which user ID is used to establish the RDP connection to the PSM server?
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
A user needs to view recorded sessions through the PVWA.
Without giving auditor access, which safes does a user need access to view PSM recordings? (Choose two.)
Which file must be edited on the Vault to configure it to send data to PTA?
According to the DEFAULT Web Options settings, which group grants access to the REPORTS page?
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.
Which accounts can be selected for use in the Windows discovery process? (Choose two.)
A user is receiving the error message “ITATS006E Station is suspended for User jsmith” when attempting to sign into the Password Vault Web Access (PVWA). Which utility would a Vault administrator use to correct this problem?
When on-boarding account using Accounts Feed, Which of the following is true?
Which combination of Safe member permissions will allow end users to log in to a remote machine transparently but NOT show or copy the password?
Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests.
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.
Where do you update this permission for all auditors?
Which Vault authorization does a user need to have assigned to able to generate the "Entitlement Report" from the reports page in PVWA? (Choose two.)
In a default CyberArk installation, which group must a user be a member of to view the “reports” page in PVWA?
You have been given the requirement that certain accounts cannot have their passwords updated during business hours.
How can you set up a configuration to meet this requirement?
Which change could CyberArk make to the REST API that could cause existing scripts to fail?
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?
You are onboarding an account that is not supported out of the box.
What should you do first to obtain a platform to import?
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?
A new HTML5 Gateway has been deployed in your organization.
From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.
Users can be resulted to using certain CyberArk interfaces (e.g.PVWA or PACLI).
ADR Vault became active due to a failure of the primary Vault. Service on the primary Vault has now been restored. Arrange the steps to return the DR vault to its normal standby mode in the correct sequence.
You are creating a Dual Control workflow for a team’s safe.
Which safe permissions must you grant to the Approvers group?
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)
When an account is unable to change its own password, how can you ensure that password reset with the reconcile account is performed each time instead of a change?
Which report could show all accounts that are past their expiration dates?
You are concerned about the Windows Domain password changes occurring during business hours.
Which settings must be updated to ensure passwords are only rotated outside of business hours?
It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.
If the AccountUploader Utility is used to create accounts with SSH keys, which parameter do you use to set the full or relative path of the SSH private key file that will be attached to the account?
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
You have been asked to create an account group and assign three accounts which belong to a cluster. When you try to create a new group, you receive an unauthorized error; however, you are able to edit other aspects of the account properties.
Which safe permission do you need to manage account groups?
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
You are troubleshooting a PVWA slow response.
Which log files should you analyze first? (Choose two.)
