CyberArkは2023年最新のEPM-DEFテスト解説(更新されたのは62問があります)
EPM-DEF試験問題集を提供していますCyberArk問題
CyberArk Defender - EPM試験は、エンドポイントセキュリティに関連する幅広いトピックをカバーしており、EPMのインストールと設定方法、エンドポイント上の特権アカウントと資格情報の管理方法、サイバー脅威に対抗するためのセキュリティポリシーの実装と維持方法などが含まれます。この試験は、EPMを使用してサイバー攻撃に対処し、組織の重要な資産を保護するためのスキルと知識を検証するために設計されています。
質問 # 19
How does a Trusted Source policy affect an application?
- A. Applications will be allowed to run always in elevated mode.
- B. Applications will be allowed to run and will only elevate if required.
- C. Applications will be allowed to run and will inherit the process token from the EPM agent.
- D. Application from the defined trusted sources must be configured on a per application basis, in order to define run and elevation parameters.
正解:D
質問 # 20
Where can you view CyberArk EPM Credential Lures events?
- A. Policy Audit
- B. Events Management
- C. Application Catalog
- D. Threat Protection Inbox
正解:D
質問 # 21
When working with credential rotation/loosely connected devices, what additional CyberArk components are required?
- A.
- B. DAP
- C. PTA
- D. PVWA
正解:D
質問 # 22
Which threat intelligence source requires the suspect file to be sent externally?
- A. VirusTotal
- B. CyberArk Application Risk Analysis Service (ARA)
- C. Palo Alto Wildfire
- D. NSRL
正解:A
質問 # 23
In EPM, creation of which user type is required to use SAML?
- A. SQL User
- B. Local CyberArk EPM User
- C. Azure AD User
- D. AD User
正解:C
質問 # 24
What are Trusted sources for Windows endpoints used for?
- A. Creating policies that contain trusted sources of applications.
- B. Listing all the approved application to the end users.
- C. Managing groups added by recommendation.
- D. Defining applications that can be used by the developers.
正解:B
質問 # 25
How does CyberArk EPM's Ransomware Protection feature monitor for Ransomware Attacks?
- A. It sandboxes the suspected ransomware and applies heuristics.
- B. It compares known ransomware signatures retrieved from virus databases.
- C. It monitors for any unauthorized access to specified files.
- D. It performs a lookup of file signatures against VirusTotal's database.
正解:A
質問 # 26
Which of the following is CyberArk's Recommended FIRST roll out strategy?
- A. Implement Application Control
- B. Implement Threat Detection
- C. Implement Ransomware Protection
- D. Implement Privilege Management
正解:D
質問 # 27
When enabling Threat Protection policies, what should an EPM Administrator consider? (Choose two.)
- A. Threat Protection policies requires an additional agent to be installed.
- B. Some Threat Protection policies are applicable only for Windows Servers as opposed to Workstations.
- C. Certain Threat Protection policies apply for specific applications not found on all machines
- D. Threat Protection features are not available in all regions.
正解:B、C
質問 # 28
Select the default threat intelligence source that requires additional licensing.
- A. CyberArk Application Risk Analysis Service
- B. Palo Alto WildFire
- C. VirusTotal
- D. NSRL
正解:B
質問 # 29
What can you manage by using User Policies?
- A. Just-In-Time endpoint access and elevation, access to removable drives, filesystem and registry access, Services access, and User account control monitoring.
- B. Just-In-Time endpoint access and elevation, access to removable drives, and Services access.
- C. Filesystem and registry access, access to removable drives, and Services access.
- D. Access to Windows Services only.
正解:A
質問 # 30
If Privilege Management is not working on an endpoint, what is the most likely cause that can be verified in the EPM Agent Log Files?
- A. Agent version is incompatible.
- B. Behavior of the elevation prompt for administrators in Admin Approval Mode is set to "Prompt for Consent for non-Windows binaries".
- C. UAC policy Admin Approval for the Built-in Administrator Account is set to "Disabled".
- D. UAC policy Run all administrators in Admin Approval Mode is set to "Enabled".
正解:D
質問 # 31
For the CyberArk EPM Threat Deception Credential Lure feature, what is the recommendation regarding the username creation?
- A. The username should match to an existing account.
- B. The username should not match to an existing account.
- C. The username should have a strong password associated.
- D. The username should match the built-in local Administrator.
正解:B
質問 # 32
Which policy can be used to improve endpoint performance for applications commonly used for software development?
- A. Developer Applications
- B. Trusted Source
- C. Trusted Application
- D. Software Updater
正解:C
質問 # 33
An application has been identified by the LSASS Credentials Harvesting Module.
What is the recommended approach to excluding the application?
- A. In Agent Configurations, add the application to the Threat Protection Exclusions
- B. Add the application to the Files to be Ignored Always in Agent Configurations.
- C. Add the application to an Advanced Policy or Application Group with an Elevate policy action.
- D. Exclude the application within the LSASS Credentials Harvesting module.
正解:A
質問 # 34
Which EPM reporting tool provides a comprehensive view of threat detection activity?
- A. Detected Threats
- B. Threat Detection Events
- C. McAfee ePO Reports
- D. Threat Detection Dashboard
正解:D
質問 # 35
For Advanced Policies, what can the target operating system users be set to?
- A. Local or AD users and groups, Azure AD User, Azure AD Group
- B. Local or AD users and groups
- C. Local or AD users, Azure AD Users
- D. AD Groups, Azure AD Groups
正解:B
質問 # 36
CyberArk's Privilege Threat Protection policies are available for which Operating Systems? (Choose two.)
- A. Windows Workstations
- B. Linux
- C. MacOS
- D. Windows Servers
正解:A、D
質問 # 37
An EPM Administrator needs to create a policy to allow the MacOS developers elevation to an application.
What type of policy should be used?
- A. Elevate Application Group
- B. Developer Applications Application Group
- C. Elevate Trusted Applications If Necessary Advanced Policy
- D. Elevate MacOS Policy
正解:C
質問 # 38
An EPM Administrator would like to notify end users whenever the Elevate policy is granting users elevation for their applications. Where should the EPM Administrator go to enable the end-user dialog?
- A. Default Policies
- B. End-User UI within the policy
- C. End-user UI in the left panel of the console
- D. Advanced, Agent Configurations
正解:B
質問 # 39
Can the EPM Set Administrator configure Audit Dialog Pop-ups for the Record Audit Video option?
- A. Yes, when Audit Video recording started, when not enough disk space to start the video recording, and when video recording is initializing.
- B. No, Audit Video is only available without the possibility of having End-User dialog pop-ups.
- C. Yes, when Audit Video recording started, when Audit Video recording is uploaded to the EPM server, and when audit recording cannot be initialized.
- D. Yes, when Audit Video recording started, when Audit Video recording stopped, and when Audit Recording video reached size limit.
正解:B
質問 # 40
When adding the EPM agent to a pre-existing security stack on workstation, what two steps are CyberArk recommendations. (Choose two.)
- A. Create new advanced policies for each security tool.
- B. Add any pre-existing security application to the Files to Be Ignored Always.
- C. Add EPM agent to the other security tools exclusions.
- D. EPM agent should never be run with any other security tools.
正解:B、C
質問 # 41
An EPM Administrator would like to enable a Threat Protection policy, however, the policy protects an application that is not installed on all endpoints.
What should the EPM Administrator do?
- A. Split up the endpoints in to separate Sets and enable Threat Protection for only one of the Sets.
- B. Enable the Threat Protection policy only in Detect mode.
- C. Do not enable the Threat Protection policy.
- D. Enable the Threat Protection policy and configure the Policy Targets.
正解:A
質問 # 42
......
EPM-DEF認定ガイドPDFは100%カバー率でリアル試験問題:https://www.goshiken.com/CyberArk/EPM-DEF-mondaishu.html