[2022年01月11日]CAU201PDFで最近更新された問題です集試験点数を伸ばそう [Q107-Q132]

[2022年01月11日]CAU201PDFで最近更新された問題です集試験点数を伸ばそう

CAU201完全版問題集には無料PDF問題で合格させる

質問 107
A Logon Account can be specified in the Master Policy.

• A. FALS
• B. TRUE

正解: A

 

質問 108
You are onboarding an account that is not supported out of the box.
What should you do first to obtain a platform to import?

• A. From the platforms page, uncheck the "Hide non-supported platforms" checkbox and see if a platform meeting your needs appears.
• B. Create a service ticket in the customer portal explaining the requirements of the custom platform.
• C. Search common community portals like stackoverflow, reddit, github for an existing platform.
• D. Visit the CyberArk marketplace and search for a platform that meets your needs.

正解: B

 

質問 109
Which one the following reports is NOT generated by using the PVWA?

• A. Accounts Inventory
• B. Application Inventory
• C. Sales List
• D. Convince Status

正解: C

 

質問 110
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?

• A. Auditors
• B. Security Admins
• C. Vault Admins
• D. Security Operators

正解: B

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/Security- Configuration.htm

 

質問 111
Time of day or day of week restrictions on when password verifications can occur configured in
____________________.

• A. The Account Details
• B. The Safe settings
• C. The Platform settings
• D. The Master Policy

正解: C

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying-
Passwords.htm

 

質問 112
Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are
configured for Dual control, still need to request approval to use the account.

• A. TRUE
• B. FALSE

正解: A

 

質問 113
A Vault administrator have associated a logon account to one of their Unix root accounts in the vault. When attempting to verify the root account's password the Central Policy Manager (CPM) will:

• A. prompt the end user with a dialog box asking for the login account to use
• B. ignore the logon account and attempt to log in as root
• C. none of these
• D. log in first with the logon account, then run the SU command to log in as root using the password in the Vault

正解: A

 

質問 114
Select the best practice for storing the Master CD.

• A. Copy the contents of the CD to a Hardware Security Module (HSM) and discard the CD
• B. Store the CD in a secure location, such as a physical safe
• C. Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder secured with NTFS permissions on the Vault
• D. Copy the files to the Vault server and discard the CD

正解: C

 

質問 115
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. Themembers of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.

• A. Retrieve Accounts
• B. Use Accounts
• C. Authorize Password Requests
• D. Access Safe without Authorization

正解: A

 

質問 116
To ensure all sessions are being recorded, a CyberArk administrator goes to the master policy and makes configuration changes.
Which configuration is correct?

• A. Require privileged session monitoring and isolation = active; Record and save session activity = active.
• B. Require privileged session monitoring and isolation = inactive; Record and save session activity = active.
• C. Require privileged session monitoring and isolation = active; Record and save session activity = inactive.
• D. Require privileged session monitoring and isolation = inactive; Record and save session activity = inactive.

正解: A

 

質問 117
SAFE Authorizations may be granted to____________.
Select all that apply.

• A. LDAP Users
• B. LDAP Groups
• C. Vault Users
• D. Vault Group

正解: A,B,C,D

 

質問 118
It is possible to control the hours of the day during which a user may long into the vault.

• A. TRUE
• B. FALSE

正解: A

解説:
Explanation/Reference: https://isecurenet.net/wp-content/uploads/2016/06/user-sb-cyberark_privileged_threat_analytics-
030916-final-en-web.pdf

 

質問 119
Which of these accounts onboarding methods is considered proactive?

• A. A DNA scan
• B. Accounts Discovery
• C. A Rest API integration with account provisioning software
• D. Detecting accounts with PTA

正解: D

 

質問 120
To manage automated onboarding rules, a CyberArk user must be a member of which group?

• A. Auditors
• B. Administrators
• C. Vault Admins
• D. CPM User

正解: C

 

質問 121
When on-boarding account using Accounts Feed, Which of the following is true?

• A. You must specify an existing Safe where are account will be stored whenitis on boarded to the Vault
• B. You can specify the name of a new Platform that will be created and associated with the account
• C. Any account that is on boarded can beautomaticallyreconciled regardless ofthe platformit isassociated with.
• D. You can specify the name of a new sale that will be created where the account will be stored when it is on-boarded to the Vault.

正解: C

 

質問 122
You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to
[b]change [/b] the root account's password the CPM will.....

• A. Noneofthese
• B. Log in to the system asroot,then change root's password
• C. Log in to the system as thelogon account,run the su command to loginas root, and then changeroot's password.
• D. Log in to the system as the logon account, then change roofs password

正解: A

 

質問 123
If the AccountUploader Utility is used to create accounts with SSH keys, which parameter do you use to set the full or relative path of the SSH private key file that will be attached to the account?

• A. Address
• B. KeyPath
• C. KeyFile
• D. ObjectName

正解: C

 

質問 124
It a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?

• A. Associate a logon account and configure the platform to reconcile automatically
• B. Associate a reconcile account and configure the platform to reconcile automatically
• C. Run the correct auto detection process to rediscover the password
• D. Configure the Provider to change the password to match the Vault's Password

正解: D

 

質問 125
Ad-Hoc Access (formerly Secure Connect) provides the following features. Choose all that apply.

• A. PSM connections to target devices that are not managed by CyberArk.
• B. PSM connections from a terminal without the need to login to the PVWA.
• C. Real-time live session monitoring.
• D. Session Recording.

正解: A,C,D

 

質問 126
Which report shows the accounts that are accessible to each user?

• A. Entitlement report
• B. Privileged Accounts Compliance Status report
• C. Applications Inventory report
• D. Activity report

正解: A

 

質問 127
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

• A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account of the target server's root account.
• B. Configure the Unix system to allow SSH logins.
• C. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account.
• D. Configure the CPM to allow SSH logins.

正解: C

 

質問 128
To use PSM connections while in the PVWA, what are the minimum safe permissions a user or group will need?

• A. Use Accounts
• B. List Accounts, Use Accounts
• C. List Accounts, Use Accounts, Retrieve Accounts
• D. List Accounts, Use Accounts, Retrieve Accounts, Access Safe without confirmation

正解: A

 

質問 129
Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre- determined amount of time?

• A. Enforce check-in/check-out exclusive access & Enforce one-time password access
• B. Enforce check-in/check-out exclusive access
• C. Require dual control password access Approval
• D. Enforce one-time password access

正解: B

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PrivCloud/Latest/en/Content/Privilege%
20Cloud/privCloud-master-policy-rules.htm

 

質問 130
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be
changed.

• A. Interval
• B. The CPM does not change the password under this circumstance
• C. HeadStartInterval
• D. ImmediateInterval

正解: D

 

質問 131
Target account platforms can be restricted to accounts that are stored in specific Safes using the AllowedSafes property.

• A. FALSE
• B. TRUE

正解: A

 

質問 132
......

100%更新されたのはCyberArk CAU201限定版PDF問題集：https://www.goshiken.com/CyberArk/CAU201-mondaishu.html