• ホーム
  • ブログ
  • [2024年01月最新リリース] 合格できるCAU201試験にはリアル問題とアンサー [Q25-Q50]

[2024年01月最新リリース] 合格できるCAU201試験にはリアル問題とアンサー [Q25-Q50]

Share

[2024年01月最新リリース] 合格できるCAU201試験にはリアル問題とアンサー

合格できるCAU201レビューガイド、頼もしいCAU201テストエンジン


CyberArk Defender(CAU201)試験は、特権アカウント、資格情報、およびシークレットを保護するサイバーセキュリティ専門家のスキルと知識をテストするために設計された認定試験です。サイバー脅威が増加する中、組織は感度の高いデータやインフラストラクチャを保護できる資格を持つ人材を求めています。CAU201試験に合格すると、サイバー攻撃から保護し特権アクセスを確保するために必要なスキルを雇用主に証明することができます。


Cyber​​ark Defender認定試験(CAU201)は、特権的なアカウントセキュリティの分野での個人の知識と専門知識を検証するように設計された専門的な認定です。この認定は、サイバーセキュリティソリューションの大手プロバイダーであるCyber​​arkが提供しています。サイバーセキュリティソリューションは、サイバーの脅威やデータ侵害から組織を保護することを専門としています。 CAU201試験は、Cyber​​ark Solutionsを扱い、組織内の特権アカウントの保護と管理を担当する専門家向けに設計されています。


CyberArk Defender試験は、個人が様々な分野での知識とスキルを実証する必要がある包括的な認定プログラムです。この試験は、CyberArk Privileged Access Security Solution、CyberArk Privileged Session Manager、CyberArk Endpoint Privilege Managerを含む、幅広いトピックをカバーする多肢選択問題で構成されています。試験はまた、セキュリティポリシーや手順、特権アカウントの管理に関するベストプラクティスもカバーしています。

 

質問 # 25
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.

  • A. Auto Detection (AD)
  • B. Discovery and Audit (DMA)
  • C. On Demand Privileges Manager (OPM)
  • D. Export Vault Data (EVD)
  • E. Accounts Discovery

正解:A、B、E


質問 # 26
What is the purpose of the HeadStartlnterval setting m a platform?

  • A. It determines how far in advance audit data is collected tor reports
  • B. It instructs the CPM to initiate the password change process X number of days before expiration.
  • C. It instructs the AIM Provider to 'skip the cache' during the defined time period
  • D. It alerts users of upcoming password changes x number of days before expiration.

正解:B

解説:
The number of days before the password expires (according to the ExpirationPeriod parameter) that the CPM will initiate a password change process. This parameter is not relevant if the policy will be applied to a member of an account group.


質問 # 27
In the Private Ark client, how do you add an LDAP group to a CyberArk group?

  • A. Select Update on the LDAP Group, and then click Add > LDAP Group
  • B. Select Member Of on the LDAP group, and then click Add > LDAP Group
  • C. Select Update on the CyberArk group, and then click Add > LDAP Group
  • D. Select Member Of on the CyberArk group, and then click Add > LDAP Group

正解:B


質問 # 28
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.

  • A. False, the PTA can suspend sessions whether the session is made via the PSM or not
  • B. True

正解:A


質問 # 29
As long as you are a member of the Vault Admins group you can grant any permission on any safe.

  • A. FALSE
  • B. TRUE

正解:A

解説:
Explanation
Being in Vault admins group only give you access to safes which are created during installation (safe created in installation process ) -This is clearly mentioned in documents .


質問 # 30
Which user(s) can access all passwords in the Vault?

  • A. Administrator
  • B. Master
  • C. Any member of auditors
  • D. Any member of Vault administrators

正解:B


質問 # 31
You are creating a shared safe for the help desk.
What must be considered regarding the naming convention?

  • A. Safe owners should determine the safe name to enable them to easily remember it.
  • B. Ensure your naming convention is no longer than 20 characters.
  • C. The use of these characters V:*<>".| is not allowed.
  • D. Combine environments, owners and platforms to minimize the total number of safes created.

正解:C


質問 # 32
What is the maximum number of levels of authorization you can set up in Dual Control?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:A


質問 # 33
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur

  • A. FALS
  • B. TRUE

正解:A


質問 # 34
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?

  • A. Interval
  • B. Min Validity Period
  • C. Immediate Interval
  • D. Timeout

正解:B

解説:
Explanation
Min Validity Period -The number of minutes to wait from the last retrieval of the password until it is replaced.
This gives the user a minimum period to be able to use the password before it is replaced. Use -1 to ignore this property. This parameter is also used to release exclusive accounts automatically Interval -" The number of minutes that the Central Policy Manager waits between running periodic searches for the platform. Note: It is recommended to leave the default value of 1440. If a change/verify policy has been configured, the Central Policy Manager will automatically align the periodic searches with the start of the defined timeframes."


質問 # 35
Match the built-in Vault User with the correct definition.

正解:

解説:

Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Predefined-Users-and-Groups.htm?TocPath=Administration%7CUser%20Management%7C_____7


質問 # 36
What is the chief benefit of PSM?

  • A. 'Privileged session isolation' and 'Privileged session recording'
  • B. Privileged session recording
  • C. Automatic password management
  • D. Privileged session isolation

正解:B


質問 # 37
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?

  • A. Interval
  • B. Min Validity Period
  • C. Immediate Interval
  • D. Timeout

正解:B

解説:
Min Validity Period -The number of minutes to wait from the last retrieval of the password until it is replaced. This gives the user a minimum period to be able to use the password before it is replaced. Use -1 to ignore this property. This parameter is also used to release exclusive accounts automatically Interval -" The number of minutes that the Central Policy Manager waits between running periodic searches for the platform. Note: It is recommended to leave the default value of 1440. If a change/verify policy has been configured, the Central Policy Manager will automatically align the periodic searches with the start of the defined timeframes."


質問 # 38
What is the primary purpose of One Time Passwords?

  • A. Reduced risk of credential theft
  • B. More frequent password changes
  • C. Non-repudiation (individual accountability)
  • D. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization.

正解:A


質問 # 39
CyberArk recommends implementing object level access control on all Safes.

  • A. False
  • B. True

正解:A


質問 # 40
As long as you are a member ofthe Vault Admins group you can grant any permission on any safe.

  • A. FALS
  • B. TRUE

正解:B


質問 # 41
What is the purpose of the Immediate Interval setting in a CPM policy?

  • A. To Control the maximum amount of time the CPM will wait for a password change to complete.
  • B. To control how often the CPM looks for User Initiated CPM work.
  • C. To control how often the CPM rests between password changes.
  • D. To control how often the CPM looks for System Initiated CPM work.

正解:B

解説:
Explanation
When the Master Policy enforces check-in/check-out exclusive access, passwords are changed when the user clicks the Release button and releases the account. This is based on the ImmediateInterval parameter in the applied platform. If the user forgets to release the account, it is automatically released and changed by the CPM after a predetermined number of minutes, defined in the MinValidityPeriod parameter specified in the platform


質問 # 42
PSM for Windows (previously known as "RDP Proxy") supports connections to the following target systems

  • A. Oracle
  • B. UNIX
  • C. Windows
  • D. All of the above

正解:C


質問 # 43
Which report provides a list of account stored in the vault.

  • A. Active Log
  • B. Privileged Accounts Inventory
  • C. Privileged Accounts Compliance Status
  • D. Entitlement Report

正解:A


質問 # 44
In order to connect to a target device through PSM, the account credentials used for the connection must be
stored in the vault?

  • A. False. Because if credentials are not stored in the vault, the PSM will log into the target device as
    PSMConnect.
  • B. True.
  • C. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
  • D. False. Because the user can also enter credentials manually using Secure Connect.

正解:D


質問 # 45
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the
vault.

  • A. FALSE
  • B. TRUE

正解:B

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Managing-the-
CyberArk-License.htm


質問 # 46
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?

  • A. PVWA> Administration > Platform Configuration > Edit Platform > UI & Workflow > Dual Control> Approvers
  • B. PVWA> Account List > Edit > Show Advanced Settings > Dual Control > Direct Managers
  • C. PVWA> Policies > Access Control (Safes) > Safe Members > Workflow > Authorize Password Requests
  • D. PrivateArk > Admin Tools > Users and Groups > Auditors (Group Membership)

正解:C


質問 # 47
Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.

  • A. FALSE
  • B. TRUE

正解:B


質問 # 48
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

  • A. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
  • B. False. Because the user can also enter credentials manually using Secure Connect.
  • C. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSM Connect.
  • D. True.

正解:A


質問 # 49
When on-boarding account using Accounts Feed, which of the following is true?

  • A. You must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.
  • B. You can specify the name of a new Platform that will be created and associated with the account.
  • C. Any account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.
  • D. You can specify the name of a new safe that will be created where the account will be stored when it is on- boarded to the Vault.

正解:B

解説:
Explanation/Reference: https://www.cyberark.com/resource/automating-privileged-account-onboarding/


質問 # 50
......

100%無料CAU201日常練習試験179問題:https://www.goshiken.com/CyberArk/CAU201-mondaishu.html

関するブログ

もっと
CAU201無料問題集