• ホーム
  • ブログ
  • [2023年最新] 最高の試験CAU201問題集は無料サイトの資料を試そう [Q68-Q90]

[2023年最新] 最高の試験CAU201問題集は無料サイトの資料を試そう [Q68-Q90]

Share

[2023年最新] 最高の試験CAU201問題集は無料サイトの資料を試そう

無料CyberArk Defender CAU201オフィシャル認証ガイドPDFをダウンロード

質問 # 68
Which is the primary purpose of exclusive accounts?

  • A. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization
  • B. More frequent password changes
  • C. Non-repudiation (individual accountability)
  • D. Reduced risk of credential theft

正解:C


質問 # 69
Which report provides a list of accounts stored in the vault.

  • A. Activity Log
  • B. Entitlement Report
  • C. Privileged Accounts Compliance Status
  • D. Privileged Accounts Inventory

正解:D

解説:
Explanation/Reference: https://techinsight.com.vn/language/en/privileged-account-security-solution-part-2/


質問 # 70
What is the easiest way to duplicate an existing platform?

  • A. From PrivateArk, copy/paste the appropriate settings in PVConfiguration.xml; then update the policyName variable.
  • B. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform and then click Duplicate; name the new platform.
  • C. From PrivateArk, copy/paste the appropriate Policy.ini file; then rename it.
  • D. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" INSTEAD of save to duplicate and rename the platform.

正解:D


質問 # 71
Which one of the following reports is NOT generated by using the PVWA?

  • A. Application Inventory
  • B. Safes List
  • C. Compliance Status
  • D. Account Inventory

正解:B

解説:
Explanation/Reference:
Reference: https://techinsight.com.vn/language/en/privileged-account-security-solution-part-2/


質問 # 72
The primary purpose of exclusive accounts is to ensure non-repudiation (Individual accountability).

  • A. TRUE
  • B. FALS

正解:A


質問 # 73
Which permissions are needed for the Active Directory user required by the Windows Discovery process?

  • A. Read/Write
  • B. Domain Admin
  • C. Read
  • D. LDAP Admin

正解:C


質問 # 74
It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.

  • A. TRUE
  • B. FALSE

正解:A


質問 # 75
Ad-Hoc Access (formerly Secure Connect) provides the following features. Choose all that apply.

  • A. Session Recording.
  • B. Real-time live session monitoring.
  • C. PSM connections from a terminal without the need to login to the PVWA.
  • D. PSM connections to target devices that are not managed by CyberArk.

正解:A、B、D


質問 # 76
When managing SSH keys, the CPM stores the Public Key

  • A. Nowhere because the public key can always be generated from the private key.
  • B. In the Vault
  • C. A & B
  • D. On the target server

正解:D


質問 # 77
In your organization the "click to connect" button is not active by default.
How can this feature be activated?

  • A. Policies > Master Policy > Allow EPV transparent connections > Inactive
  • B. Policies > Master Policy > Password Management
  • C. Policies > Master Policy > Session Management > Require privileged session monitoring and isolation > Add Exception
  • D. Policies > Master Policy > Allow EPV transparent connections > Active

正解:D


質問 # 78
What is the maximum number of levels of authorization you can set up in Dual Control?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:C


質問 # 79
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

  • A. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account.
  • B. Configure the Unix system to allow SSH logins.
  • C. Configure the CPM to allow SSH logins.
  • D. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account of the target server's root account.

正解:A


質問 # 80
What is the primary purpose of One Time Passwords?

  • A. Non-repudiation (individual accountability)
  • B. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization.
  • C. More frequent password changes
  • D. Reduced risk of credential theft

正解:D


質問 # 81
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.

  • A. False, the PTA can suspend sessions whether the session is made via the PSM or not
  • B. True

正解:A


質問 # 82
What is the purpose of the Interval setting in a CPM policy?

  • A. To control the maximum amount of time the CPM will wait for a password change to complete.
  • B. To control how long the CPM rests between password changes.
  • C. To control how often the CPM looks for User Initiated CPM work.
  • D. To control how often the CPM looks for System Initiated CPM work.

正解:B


質問 # 83
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?

  • A. Yes, only if a logon account is associated with the root account and the user connects through the PSM- SSH connection component.
  • B. Yes, if a logon account is associated with the root account.
  • C. No, it is not possible.
  • D. Yes, when using the connect button, CyberArk uses the PMTerminal.exe process which bypasses the root SSH restriction.

正解:A

解説:
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/7zx8w5/ssh_connection/


質問 # 84
It is possible to control the hours of the day during which a user may long into the vault.

  • A. TRUE
  • B. FALSE

正解:A

解説:
Explanation/Reference: https://isecurenet.net/wp-content/uploads/2016/06/user-sb-cyberark_privileged_threat_analytics-
030916-final-en-web.pdf


質問 # 85
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.

  • A. PAR Agent
  • B. Edit DBParm.ini in a text editor.
  • C. PrivateArk Server Central Administration
  • D. Setup.exe

正解:A


質問 # 86
As long as you are a member of the Vault Admins group you can grant any permission on any safe.

  • A. FALSE
  • B. TRUE

正解:A


質問 # 87
What is the purpose of a linked account?

  • A. To ensure a particular set of accounts all change at the same time.
  • B. To connect the CPNI to a target system.
  • C. To allow more than one account to work together as part of a password management process.
  • D. To ensure that a particular collection of accounts all have the same password.

正解:C

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Linked-
Accounts.htm


質問 # 88
Which user is automatically added to all Safes and cannot be removed?

  • A. Auditor
  • B. Master
  • C. Operator
  • D. Administrator

正解:B


質問 # 89
Which of the following options is not set in the Master Policy?

  • A. Password Expiration Time
  • B. Enabling and Disabling of the Connection Through the PSM
  • C. Password Complexity
  • D. The use of "One-Time-Passwords"

正解:C


質問 # 90
......

CyberArk CAU201オフィシャル認証ガイドPDF:https://www.goshiken.com/CyberArk/CAU201-mondaishu.html

関するブログ

もっと
CAU201無料問題集