Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home CyberArk PAM-SEN

CyberArk PAM-SEN Exam Practice Questions (P. 4)

  • Full Access (97 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #16
When creating a distributed Vault environment architecture, what is the maximum number of Vault servers that can be deployed?
  1. A
    5 - number of primary and satellite Vaults can be specified during installation
  2. B
    3 - all primary
  3. C
    6 - 1 primary and 5 satellite
  4. D
    10 - 2 primary and 8 satellite

Correct Answer:
D

Question #17
To enable LDAP over SSL for a Vault when DNS lookups are blocked, which step must be completed?
  1. A
    Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server.
  2. B
    Configure an AllowNonStandardFWAddresses rule in DBParm.ini on the Vault to allow outbound TCP 53 to the organization’s DNS servers.
  3. C
    Ensure LDAP hosts added to the directory mapping configuration are defined using only IP addresses.
  4. D
    Set the ReferralsDNSLookup parameter value to “No” in the directory configuration.

Correct Answer:
C

Question #18
In which file must the attribute ‘SignAuthnRequest=”true”’ be added to the PartnerIdentityProvider element to support signed SAML requests?
  1. A
    saml.config
  2. B
    samlconfig.ini
  3. C
    PVWAConfig.xml
  4. D
    PVConfiguration.xml

Correct Answer:
C

Question #19
A customer is moving from an on-premises to a public cloud deployment.
What is the best and most cost-effective option to secure the server key?
  1. A
    Install the Vault in the cloud the same way you would in an on-premises environment. Place the server key in a password protected folder on the operating system.
  2. B
    Install the Vault in the cloud the same way you would in an on-premises environment. Purchase a Hardware Security Module to secure the server key.
  3. C
    Install the Vault using the native cloud images and secure the server key using native cloud Key Management Systems.
  4. D
    Install the Vault using the native cloud images and secure the server key with a Hardware Security Module.

Correct Answer:
C

Question #20
Your customer upgraded recently to version 12.2 to allow the Linux team to use the new MFA caching feature. The PSM for SSH was installed with default configuration settings. After setting the Authentication to SSH key and enabling MFA Caching from the PVWA interface, the Linux Team cannot connect successfully using the new MFA caching feature.
What is the most probable cause?
  1. A
    OpenSSH 7.8 or above is not installed.
  2. B
    The MFACaching parameter in the psmpparms file is not set to True.
  3. C
    A passphrase policy must be added.
  4. D
    MFA caching is not supported when the PSM for SSH is deployed with default settings.

Correct Answer:
D

Previous Questions Next Questions

All Pages