更新された2022年09月テストエンジンに練習CAU201テスト問題
CAU201リアル試験問題テストエンジン問題集トレーニングには179問あります
CyberArk CAU201 認定試験の出題範囲:
トピック | 出題範囲 |
---|---|
トピック 1 |
|
トピック 2 |
|
トピック 3 |
|
トピック 4 |
|
トピック 5 |
|
トピック 6 |
|
トピック 7 |
|
トピック 8 |
|
質問 29
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
- A. the vault will not allow this situation to occur.
- B. only those permissions that exist in all groups to which the user belongs.
- C. only those permissions that exist on the group added to the safe first.
- D. the cumulative permissions of all groups to which that user belongs.
正解: C
質問 30
Your organization has a requirement to allow users to "check out passwords" and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?
- A. Enforce check-in/check-out exclusive access = active; Require privileged session monitoring and isolation = active
- B. Enforce check-in/check-out exclusive access = active; Record and save session activity = inactive
- C. Enforce check-in/check-out exclusive access = inactive; Require privileged session monitoring and isolation = inactive
- D. Enforce check-in/check-out exclusive access = inactive; Record and save session activity = active
正解: D
質問 31
PSM captures a record of each command that was executed in Unix.
- A. TRIE
- B. FALSE
正解: A
質問 32
When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online.
- A. True, if the AllowFailback setting is set to "yes" in the padr.ini file
- B. True; this is the default behavior
- C. False; this is not possible
- D. True, if the AllowFailback setting is set to "yes" in the dbparm.ini file
正解: C
質問 33
By default, members of which built-in groups will be able to view and configure Automatic Remediation and
Session Analysis and Response in the PVWA?
- A. Auditors
- B. Security Admins
- C. Vault Admins
- D. Security Operators
正解: B
解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/Security-
Configuration.htm
質問 34
Which of the following statements are NOT true when enabling PSM recording for a target Windows server?
(Choose all that apply)
- A. PSM must be enabled in the Master Policy (either directly, or through exception)
- B. RDP must be enabled on the target server
- C. PSMConnect must be added as a local user on the target server
- D. The PSM software must be instated on the target server
正解: A,D
質問 35
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?
- A. No, it is not possible.
- B. Yes, if a logon account is associated with the root account.
- C. Yes, when using the connect button, CyberArk uses the PMTerminal.exe process which bypasses the root SSH restriction.
- D. Yes, only if a logon account is associated with the root account and the user connects through the PSM-SSH connection component.
正解: D
質問 36
Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support.
Which logs will help the CyberArk Support Team debug the issue? (Choose three.)
- A. PSMConsole.log
- B. ITAlog.log
- C. PSMTrace.log
- D. PMconsole.log
- E. <Session_ID>.Component.log
- F. PSMDebug.log
正解: B,C,F
質問 37
Platform settings are applied to______________.
- A. Network Areas
- B. Individual Accounts
- C. Safes
- D. The entire vault.
正解: C
解説:
Explanation
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/avxnxz/safes_and_platform_association/
質問 38
Match the built-in Vault User with the correct definition.
正解:
解説:
Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Predefined-Users-and-Groups.htm?TocPath=Administration%7CUser%20Management%7C_____7
質問 39
Which of the following PTA detections are included in the Core PAS offering?
- A. Over-Pass-The Hash
- B. Suspected Credential Theft
- C. Golden Ticket
- D. Unmanaged Privileged Access
正解: D
解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/What-Does-PTA- Detect.htm
質問 40
You need to enable the PSM for all platforms.
Where do you perform this task?
- A. Master Policy > Privileged Access Workflows
- B. Administration > Options > Connection Components
- C. Platform Management > (Platform) > UI & Workflows
- D. Master Policy > Session Management
正解: C
質問 41
Platform settings are applied to _________.
- A. Individual Accounts
- B. Network Areas
- C. Safes
- D. The entire vault.
正解: A
質問 42
What is the purpose of the CyberArk Event Notification Engine service?
- A. It makes Vault data available to components
- B. It sends email messages from the Vault
- C. It sends email messages from the Central Policy Manager (CPM)
- D. It processes audit report messages
正解: A
質問 43
What is the name of the Platform parameter that controls how long a password will stay valid when One Time
Passwords are enabled via the Master Policy?
- A. MinValidityPeriod
- B. ImmediateInterval
- C. Timeout
- D. Interval
正解: C
質問 44
The Accounts Feed contains:
- A. All users added to CyberArk in the last 30 days
- B. All accounts added to the vault in the last 30 days
- C. Accounts that were discovered by CyberArk in the last 30 days
- D. Accounts that were discovered by CyberArk that have not yet been onboarded
正解: C
質問 45
It is possible to restrict the time of day, or day of week that a reconcile process can occur.
- A. TRUE
- B. FALSE
正解: B
質問 46
When managing SSH keys, the CPM stores the Public Key
- A. In the Vault
- B. A & B
- C. Nowhere because the public key can always be generated from the private key.
- D. On the target server
正解: D
質問 47
Which of the Following can be configured in the Master Poky? Choose all that apply.
- A. Required Properties
- B. Dual Control
- C. Custom Connection Components
- D. Password Aging Rules
- E. One Time Passwords
- F. Ticketing Integration
- G. Exclusive Passwords
- H. Password Reconciliation
正解: A,D,G,H
質問 48
A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.
Which locations must you update?
- A. on the Vault server in Windows\System32\Etc\Hosts and on the PVWA server in Windows\System32\Etc\Hosts
- B. on the Vault server in the certificate store and on the PVWA server in the certificate store
- C. on the Vault server in Windows\System32\Etc\Hosts and in the PVWA Application under Administration > LDAP Integration > Directories > Hosts
- D. in the Private Ark client under Tools > Administrative Tools > Directory Mapping
正解: D
解説:
Reference:
%20user%20management%20using%20LDAP%7C_____2
質問 49
......
CAU201実際の問題解答PDFには100%カバー率リアル試験問題:https://www.goshiken.com/CyberArk/CAU201-mondaishu.html