PAM-CDE-RECERT試験無料問題集（208題）「CyberArk CDE Recertification 認定」

出題：1

When managing SSH keys, the CPM stores the Public Key

A. Nowhere because the public key can always be generated from the private key.

B. A & B

C. On the target server

D. In the Vault

正解：C 解答を投票する

出題：2

How does the Vault administrator apply a new license file?

A. Upload the license.xml file to the system Safe and restart the PrivateArk Server service

B. Upload the license.xml file to the system Safe

C. Upload the license.xml file to the Vault Internal Safe

D. Upload the license.xml file to the Vault Internal Safe and restart the PrivateArk Server service

正解：B 解答を投票する

出題：3

You are configuring the vault to send syslog audit data to your organization's SIEM solution. What is a valid value for the SyslogServerProtocol parameter in DBPARM.ini file?

A. SMTP

B. SNMP

C. TLS

D. SSH

正解：C 解答を投票する

出題：4

Which authentication methods does PSM for SSH support?

A. LDAP, Windows Authentication, SSH Keys

B. RADIUS, Oracle SSO, CyberArk Password

C. CyberArk Password, LDAP, RADIUS

D. CyberArk Password, LDAP, RADIUS, SAML

正解：C 解答を投票する

出題：5

Match each component to its respective Log File location.

正解：

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.4/en/Content/PTA/PTA-Data-Locations.htm

出題：6

What is the easiest way to duplicate an existing platform?

A. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" INSTEAD of save to duplicate and rename the platform.

B. From PrivateArk, copy/paste the appropriate Policy.ini file; then rename it.

C. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform and then click Duplicate; name the new platform.

D. From PrivateArk, copy/paste the appropriate settings in PVConfiguration.xml; then update the policyName variable.

正解：A 解答を投票する

出題：7

Which of the following PTA detections require the deployment of a Network Sensor or installing the PTA Agent on the domain controller?

A. Unmanaged privileged access

B. Over-Pass-The-Hash

C. Suspected credential theft

D. Golden Ticket

正解：D 解答を投票する

出題：8

Time of day or day of week restrictions on when password verifications can occur configured in ____________________.

A. The Platform settings

B. The Account Details

C. The Master Policy

D. The Safe settings

正解：A 解答を投票する

出題：9

Which user(s) can access all passwords in the Vault?

A. Any member of Vault administrators

B. Master

C. Administrator

D. Any member of auditors

正解：B 解答を投票する

出題：10

You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?

A. Private Ark Client > Tools > Administrative Tools > Directory Mapping > Add

B. Private Ark Client > Tools > Administrative Tools > Users and Groups > New > User

C. PVWA > User Provisioning > Users and Groups > New > User

D. PVWA > User Provisioning > LDAP Integration > Add Mapping

正解：B 解答を投票する

出題：11

You have been asked to identify the up or down status of Vault services.
Which CyberArk utility can you use to accomplish this task?

A. PAS Reporter

B. Syslog

C. Vault Replicator

D. Remote Control Agent

正解：D 解答を投票する

出題：12

Which certificate type do you need to configure the vault for LDAP over SSL?

A. a CA signed Certificate for the Vault server

B. a self-signed Certificate for the Vault

C. a CA signed Certificate for the PVWA server

D. the CA Certificate that signed the certificate used by the External Directory

正解：D 解答を投票する

出題：13

You have been asked to secure a set of shared accounts in CyberArk whose passwords will need to be used by end users. The account owner wants to be able to track who was using an account at any given moment.
Which security configuration should you recommend?

A. Configure one-time passwords for the appropriate platform in Master Policy.

B. Configure shared account mode on the appropriate safe.

C. Configure both one-time passwords and exclusive access for the appropriate platform in Master Policy.

D. Configure object level access control on the appropriate safe.

正解：C 解答を投票する

出題：14

It is possible to control the hours of the day during which a user may log into the vault.

A. FALSE

B. TRUE

正解：B 解答を投票する

出題：15

By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?

A. Security Admins

B. Vault Admins

C. Security Operators

D. Auditors

正解：A 解答を投票する

出題：16

Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

A. FALSE

B. TRUE

正解：A 解答を投票する

出題：17

What is the easiest way to duplicate an existing platform?

A. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" INSTEAD of save to duplicate and rename the platform.

B. From PrivateArk, copy/paste the appropriate Policy.ini file; then rename it.

C. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform and then click Duplicate; name the new platform.

D. From PrivateArk, copy/paste the appropriate settings in PVConfiguration.xml; then update the policyName variable.

正解：A 解答を投票する

出題：18

Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?

A. PSM for SSH (previously known as PSM SSH Proxy)

B. PSM (i.e., launching connections by clicking on the "Connect" button in the PVWA)

C. All of the above

D. PSM for Windows (previously known as RDP Proxy)

正解：B 解答を投票する

出題：19

A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?

A. PVWA> Account List > Edit > Show Advanced Settings > Dual Control > Direct Managers

B. PrivateArk > Admin Tools > Users and Groups > Auditors (Group Membership)

C. PVWA> Administration > Platform Configuration > Edit Platform > UI & Workflow > Dual Control> Approvers

D. PVWA> Policies > Access Control (Safes) > Safe Members > Workflow > Authorize Password Requests

正解：D 解答を投票する

PAM-CDE-RECERT試験無料問題集「CyberArk CDE Recertification 認定」