Secret-Sen試験無料問題集（62題）「CyberArk Sentry

出題：1

While troubleshooting an issue with accounts not syncing to Conjur, you see this in the log file:

What could be the issue?

A. Connection timed out to the Vault.

B. Safe permissions for the LOB user are incorrect.

C. At first Vault Conjur Synchronizer start up, the number of LOBs is exceeded.

D. Connection timed out during loading policy through SDK.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

What is a main advantage of using dual accounts in password management?

A. It ensures passwords are rotated every 90 days, which respects the expected downtime for a system, database, or application

B. It ensures no delays are incurred when the application needs credentials because a password that is currently used by an application will never be changed

C. Since passwords are cached for both rotation accounts, it ensures the password for an application will not be changed, reducing the amount of blackout dates when a password expires.

D. Since there are two active accounts, it doubles the probability that a system, database, or application will successfully authenticate.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Findings were obtained after cataloging pending Secrets Manager use cases.
Arrange the findings in the correct order for prioritization.

正解：

Explanation

The correct order for prioritization of the findings is as follows:
A new vulnerability scanner project is nearing completion and is expected to go into production soon.
This scanner is owned by the Security Team that owns CyberArk. This finding should be prioritized first because it has the highest urgency, feasibility, and alignment with the Security Team's goals. The vulnerability scanner is a critical security tool that needs to protect its credentials from unauthorized access. The Security Team can leverage their own expertise and authority to implement the Secrets Manager solution for this project without much delay or dependency.
A large, high performance application under PCI DSS regulation will require many CPs. This will require a license purchase. The procurement process can take 6-12 months. The development team is eager to work with Security on this project. This finding should be prioritized second because it has a high impact, compliance requirement, and stakeholder support. The application handles sensitive payment card data that needs to be secured by the Secrets Manager solution. The development team is willing to collaborate with the Security Team on this project and can help with the technical aspects of the implementation. However, this finding also has a high cost and a long lead time due to the license purchase and the procurement process.
A small, internally developed application under HIPPA regulation needs updates to the application code to retrieve secrets from a Secrets Manager solution. The development team stated they cannot accommodate this work before next quarter. This finding should be prioritized third because it has a moderate impact, compliance requirement, and feasibility. The application handles protected health information that needs to be secured by the Secrets Manager solution. The development team is aware of the need to update the application code to integrate with the Secrets Manager solution, but they have other priorities and constraints that prevent them from doing so in the near term.
Here's the reasoning behind this order:
1. New vulnerability scanner project:
This project directly impacts CyberArk's Security Team, making it a high priority due to potential internal security concerns. Additionally, its near-completion state suggests a quicker implementation timeframe.
2. Large application under PCI DSS:
While this application requires significant resources and time investment due to license purchase and development, its high performance and PCI DSS regulation compliance mandate prioritization. Delaying this project could potentially lead to security vulnerabilities and compliance issues.
3. Small application under HIPAA:
Although HIPAA regulation necessitates compliance, the application's size and development team's delay request suggest a lower priority compared to the previous two projects. However, it should still be addressed within the next quarter as mandated by the development team.

出題：4

When installing the CCP and configuring it for use behind a load balancer, which authentication methods may be affected? (Choose two.)

A. Hash

B. [Client Certificate authentication

C. Allowed Machines authentication

D. Path

E. OS User

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

You have a request to protect all the properties around a credential object. When configuring the credential in the Vault, you specified the address, user and password for the credential.
How do you configure the Vault Conjur Synchronizer to properly sync all properties?

A. Modify Vault.ini, uncomment SYNCALLPROPERTIES and update its value to true.

B. In the Conjur UI under Cluster > Synchronizer > Config, change SYNCALLPROPERTIES and update its value to true.

C. Modify VaultConjurSynchronizer.exe.config, uncomment SYNCALLPROPERTIES and update its value to true.

D. Modify SynchronizerReplication.config, uncomment SYNCALLPROPERTIES and update its value to true.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

You are setting up the Secrets Provider for Kubernetes to support rotation with Push-to-File mode.
Which deployment option should be used?

A. Application container

B. Service Broker

C. Sidecar

D. Init container

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

Secret-Sen試験無料問題集「CyberArk Sentry - Secrets Manager 認定」