CAU302 CyberArk Defender + Sentry Questions and Answers

During LDAP/S integration you should specify the Fully Qualified Domain Name (FQDN) of the Domain Controller

The vault provides a tamper-proof audit trail.

The vault does not support Role Based Access Control

It is impossible to override Master Policy settings for a Platform

Which of the following are prerequisites for installing PVWA Check all that Apply

What is the purpose of the Interval setting in a CPM policy?

Time of day of week restrictions on when password changes can occur are configured in ________________.

To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers need to be configured to communicate with the Primary Vault and Satellite Vaults. What file needs to be changed on the PVWA to enable this setup?

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

When the PSM Gateway (also known as the HTML5 Gateway) is implemented, users must have an RDP client, such as MSTSC, installed on their endpoint in order to launch connections via the PSM.

In order to grant a permission to a user, and administrator MUST possess that permission.

You are successfully managing passwords in the alpha.cyberark com domain; however when you attempt to manage a password in the beta.cyberark.com domain, you receive the 'network path not found* error What should you check first?

Multiple PVWA servers can be load balanced.

According to the default web options settings, which group grants access to the reports page?

Multiple Vault Servers can be load balanced.

CyberArk recommends implementing object level access control on all Safes.

Which Master Policy Setting(s) must be active in order to have an account checked-out by one user for a predetermined amount of time?

A Logon Account can be specified in the Master Policy

The System safe allows access to the Vault configuration files.

In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault.

Which CyberArk components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts'? Select all that apply.

What is the purpose of the password Change process?

Which one of the built-in Vault users is not automatically added to the safe when it is first created in PVWA?

One of your users is receiving the error message “ITATS006E Station is suspended for User jsmith” when

attempting to sign in to the pvwa. Which utility would you use to correct this problem?

The PSM Gateway (also known as the HTML5 Gateway) can be installed

An SNMP integration allows you to forward audit records from the vault to the SIEM.

What is the purpose of the CyberArk Event Notification Engine service.

Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.

It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.

What values are acceptable in the address field on the Accounts Details.

Which service should NOT be running on the DR Vault when the primary production Vault is up?

If a user is a member of more than one group that has authorizations on a safe, by default that user is granted

__________________.