CyberArk PAM-DEF Exam Practice Questions (P. 3)
- Full Access (113 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #11
DRAG DROP -
ADR Vault became active due to a failure of the primary Vault. Service on the primary Vault has now been restored. Arrange the steps to return the DR vault to its normal standby mode in the correct sequence.
ADR Vault became active due to a failure of the primary Vault. Service on the primary Vault has now been restored. Arrange the steps to return the DR vault to its normal standby mode in the correct sequence.
Question #12
Which methods can you use to add a user directly to the Vault Admin Group? (Choose three.)
- AREST API
- BPrivateArk Client
- CPACLI
- DPVWA
- EActive Directory
- FSailpoint
Correct Answer:
ABE
ABE
GPT-4o - Answer
Options A, B, and E are indeed the correct methods for adding a user directly to the Vault Admin Group. Using the REST API and PrivateArk Client allows for direct manipulation and updates to the Vault, including user additions. Also, adding a user to an Active Directory group that is already part of the Vault Admin Group achieves the membership indirectly but still effectively places the user in the Admin group. This approach may help maintain an organized, centralized user management workflow, leveraging existing Active Directory structures for broader system access control.
Question #13
Which Automatic Remediation is configurable for a PTA detection of a "Suspected Credential Theft"?
- AAdd to Pending
- BRotate Credentials
- CReconcile Credentials
- DDisable Account
Correct Answer:
B
B
GPT-4o - Answer
Correct, "Rotate Credentials" is indeed the automatic remediation action you can configure in CyberArk Privileged Threat Analytics (PTA) when a "Suspected Credential Theft" is detected. This action ensures that the possibly compromised credentials are changed immediately, thus mitigating the threat by preventing unauthorized access with the stolen credentials. This prompt response is crucial for maintaining the security integrity of the system.
Question #14
Which item is an option for PSM recording customization?
- AWindows events text recorder with automatic play-back
- BWindows events text recorder and universal keystrokes recording simultaneously
- CUniversal keystrokes text recorder with windows events text recorder disabled
- DCustom audio recording for windows events
Correct Answer:
B
B
GPT-4o - Answer
Hey, so just a heads up, after reviewing the CyberArk documentation, it turns out that for a Privileged Session Manager (PSM) connection, you cannot enable both universal keystrokes recording and Windows events recording simultaneously. You can only use one, and typically, if you're setting up universal keystrokes recording, you'd need to disable Windows events recording first. So, in this context, the correct option for PSM recording customization would actually be option C, not B. Keeping your recording setups clean and not doubling up like that!
Question #15
You want to create a new onboarding rule.
Where do you accomplish this?
Where do you accomplish this?
- AIn PVWA, click Reports > Unmanaged Accounts > Rules
- BIn PVWA, click Options > Platform Management > Onboarding Rules
- CIn PrivateArk, click Tools > Onboarding Rules
- DIn PVWA, click Accounts > Onboarding Rules
Correct Answer:
B
B
GPT-4o - Answer
B is absolutely the right call here. Always remember that creating onboarding rules in PVWA is done by accessing Options and then Platform Management. This is your go-to spot for setting up automatic onboarding configurations which is crucial for effective privilege management. It's all about keeping things organized and straightforward, making platform management a breeze.
All Pages