PAM-DEF-SEN試験無料問題集（232題）「CyberArk Defender - PAM & Sentry

出題：1

Which parameter controls how often the CPM looks for Exclusive Passwords that need to be changed?

A. Interval

B. HeadStartInterval

C. The CPM does not change the password under this circumstance

D. ImmediateInterval

正解：D 解答を投票する

出題：2

When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?

A. PasswordManager_ADInternal

B. PasswordManager_workspace

C. PasswordManagerSharedSafe

D. PasswordManager_Pending

正解：C 解答を投票する

出題：3

In order to grant a permission to a user, and administrator MUST possess that permission.

A. True

B. False

正解：B 解答を投票する

出題：4

Which of the following options is not set in the Master Policy?

A. Dual Control

B. Password Expiration Date

C. Require Access Reason

D. Password Complexity

正解：C 解答を投票する

出題：5

Where does the Vault administrator configure in Password Vault Web Access (PVWA) the Fully Qualified Domain Name (FQDN) of the domain controller during LDAP/S integration?

A. PVWA > Administration > LDAP Integration

B. PVWA > LDAP Integration

C. PVWA > Platform Management > LDAP Integration

D. PVWA > Administration > Options > LDAP Integration

正解：A 解答を投票する

出題：6

What is the purpose of the CyberArk Event Notification Engine service.

A. sends email messages from the vault.

B. processes audit reports.

C. make vault data available to components

D. sends email messages from the CPM.

正解：A 解答を投票する

出題：7

Which service should NOT be running on the DR Vault when the primary Production Vault is up?

A. PrivateArk Database

B. CyberArk Vault Disaster Recovery (DR) service

C. CyberArk Logical Container

D. PrivateArk Server

正解：D 解答を投票する

出題：8

Which user(s) can access all passwords in the vault

A. Master

B. Administrator

C. Any member of Vault Admins

D. Any member of Auditors

正解：A 解答を投票する

出題：9

Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?

A. PTA Rules

B. Onboarding RestAPI functions

C. Accounts Discovery

D. Auto Detection

正解：D 解答を投票する

出題：10

Which Master Policy Setting(s) must be active in order to have an account checked-out by one user for a predetermined amount of time?

A. Require dual control password access Approval

B. Enforce one-time password access

C. Enforce check-in/check-out exclusive access

D. Enforce check-in/check-out exclusive access & Enforce one-time password access

正解：C 解答を投票する

出題：11

A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to forward ITALOG records to a monitoring solution.

A. True

B. False

正解：B 解答を投票する

出題：12

The ACME Company has been a CyberArk customer for many years. ACME Management has asked you to perform a "Health Check" review of the CyberArk deployment. During your analysis you discover that the PSM Component server is fully functional. The RDP SSL certificate is self-signed and the CyberArk Privileged Session Management Service is running under the Local Service. SSL 3.0 is enabled in the Registry.

A. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed and must be rebuilt.

B. The PSM Component Server is configured as defined in PAS Installation Guide.

C. The PSM Component Server has been installed correctly but PVWA Hardening procedures have not been followed. Hardening procedures can be applied via the Installation Automation script or manually to the existing configuration.

D. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed. Hardening procedures must be applied manually to the existing configuration.

正解：B 解答を投票する

出題：13

One of your users is receiving the error message "ITATS006E Station is suspended for User jsmith" when attempting to sign in to the pvwa.
Which utility would you use to correct this problem?

A. createcredfile.exe

B. PVWA

C. cavaultmanager.exe

D. PrivateArk

正解：D 解答を投票する

出題：14

It is possible to restrict the time of day. or day of week that a change process can occur

A. FALSE

B. TRUE

正解：B 解答を投票する

出題：15

Which type of automatic remediation can be performed by the PTA in case of a Suspecious Password Change security event?

A. Password Change

B. Password Reconcilation

C. Session Terminiation

D. Session Suspension

正解：A 解答を投票する

出題：16

DRAG DROP
Match the log file name with the CyberArk Component that generates the log.

正解：

出題：17

The following applications are pre-configured to work with PSM. but first need to be installed on the PSM server.

A. RDP

B. Putty

C. SQL Plus

D. WinSCP

E. Toad

F. Microsoft SQL Management Studio

G. VMWare vSphere Client

正解：A,B,C,D 解答を投票する

出題：18

Which file is used to integrate the Vault with your Radius server?

A. radius.ini

B. paragent ini

C. ENEConf.ini

D. dbparm.ini

正解：D 解答を投票する

出題：19

In accordance with best practice. SSH access is denied for root accounts on UNIX/LINUX systems.
What is the BEST way to allow CPM to manage root accounts?

A. Configure the CPM to allow SSH logins

B. Create a privileged account on the target server Allow this account the ability to SSH directly from the CPM machine Configure this account as the Reconcile account of the target server's root account.

C. Create a non-privileged account on the target server Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account

D. Configure the Unix system to allow SSH logins.

正解：C 解答を投票する

出題：20

What is the chief benefit of PSM?

A. Automatic password management

B. Privileged session isolation

C. Privileged session isolation and privileged session recording

D. Privileged session recording

正解：D 解答を投票する

PAM-DEF-SEN試験無料問題集「CyberArk Defender - PAM & Sentry - PAM 認定」