PAM-DEF Exam Dumps - CyberArk Defender - PAM
The Active Directory User configured for Windows Discovery needs which permission(s) or membership?
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
ADR Vault became active due to a failure of the primary Vault. Service on the primary Vault has now been restored. Arrange the steps to return the DR vault to its normal standby mode in the correct sequence.
To enable the Automatic response “Add to Pending†within PTA when unmanaged credentials are found, what are the minimum permissions required by PTAUser for the PasswordManager_pending safe?
One can create exceptions to the Master Policy based on ____________________.
Your customer, ACME Corp, wants to store the Safes Data in Drive D instead of Drive C.
Which file should you edit?
In your organization the “click to connect†button is not active by default.
How can this feature be activated?
Which accounts can be selected for use in the Windows discovery process? (Choose two.)
You notice an authentication failure entry for the DR user in the ITALog.
What is the correct process to fix this error? (Choose two.)
It is possible to control the hours of the day during which a user may log into the vault.
You have been asked to secure a set of shared accounts in CyberArk whose passwords will need to be used by end users. The account owner wants to be able to track who was using an account at any given moment.
Which security configuration should you recommend?
You want to generate a license capacity report.
Which tool accomplishes this?
It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.
Match the Status of Service on a DR Vault to what is displayed when it is operating normally in Replication mode.
A newly created platform allows users to access a Linux endpoint. When users click to connect, nothing happens.
Which piece of the platform is missing?
Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support.
Which logs will help the CyberArk Support Team debug the issue? (Choose three.)
Refer to the exhibit.
Why is user "EMEALevel2Support" unable to change the password for user "Operator"?
You need to enable the PSM for all platforms.
Where do you perform this task?
Which statement about the Master Policy best describes the differences between one-time password and exclusive access functionality?
When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
You are troubleshooting a PVWA slow response.
Which log files should you analyze first? (Choose two.)
Which service should NOT be running on the DR Vault when the primary Production Vault is up?
Your organization has a requirement to allow users to “check out passwords†and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?
Which dependent accounts does the CPM support out-of-the-box? (Choose three.)
Customers who have the ‘Access Safe without confirmation’ safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
When running a “Privileged Accounts Inventory†Report through the Reports page in PVWA on a specific safe, which permission/s are required on that safe to show complete account inventory information?
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
The Vault administrator can change the Vault license by uploading the new license to the system Safe.
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.
You created a new safe and need to ensure the user group cannot see the password, but can connect through the PSM.
Which safe permissions must you grant to the group? (Choose two.)
Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?
PSM for Windows (previously known as “RDP Proxyâ€) supports connections to the following target systems
You are configuring a Vault HA cluster.
Which file should you check to confirm the correct drives have been assigned for the location of the Quorum and Safes data disks?
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.
Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?
An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor’s machine makes an RDP connection the PSM server, which user will be used?
Which file must be edited on the Vault to configure it to send data to PTA?
Which statement is true about setting the reconcile account at the platform level?
You are logging into CyberArk as the Master user to recover an orphaned safe.
Which items are required to log in as Master?
A new HTML5 Gateway has been deployed in your organization.
Where do you configure the PSM to use the HTML5 Gateway?
Where can a user with the appropriate permissions generate a report? (Choose two.)