CyberArk PAM-DEF Online Practice Questions and Exam Preparation

CyberArk PAM-DEF Online Questions & Answers

• Question 151:

  Which report shows the accounts that are accessible to each user?

  A. Activity report
  B. Entitlement report
  C. Privileged Accounts Compliance Status report
  D. Applications Inventory report
  B. Entitlement report

• Question 152:

  Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support. Which logs will be most useful for the CyberArk Support Team to debug the issue? (Choose three.)

  A. PSMConsole.log
  B. PSMDebug.log
  C. PSMTrace.log
  D. .Component.log
  E. PMconsole.log
  F. ITALog.log
  A. PSMConsole.log
  C. PSMTrace.log
  D. .Component.log

• Question 153:

  What is required to manage loosely connected devices?

  A. PSM for SSH
  B. EPM
  C. PSM
  D. PTA
  B. EPM

• Question 154:

  Which report provides a list of account stored in the vault.

  A. Privileged Accounts Inventory
  B. Privileged Accounts Compliance Status
  C. Entitlement Report
  D. Active Log
  A. Privileged Accounts Inventory

• Question 155:

  Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?

  A. Privileged Accounts Inventory
  B. Privileged Accounts Compliance Status
  C. Activity Log
  D. Privileged Accounts CPM Status
  B. Privileged Accounts Compliance Status

  ---

  Explanation/Reference:

  Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/ReportsInPVWA.htm?TocPath=End%20User%7CReports%20and%20Audits%7C_____1

• Question 156:

  It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur

  A. TRUE
  B. FALS
  A. TRUE

  ---

  Explanation/Reference:

  Password reconciliation can be restricted to specific days. This means that the CPM will only reconcile passwords on the days of the week specified in the RCExecutionDays parameter. The days of the week are represented by the first 3 letters of the name of the day. Sunday is represented by Sun, Mondayby Mon, etc.

• Question 157:

  According to CyberArk, which issues most commonly cause installed components to display as disconnected in the System Health Dashboard? (Choose two.)

  A. network instabilities/outages
  B. vault license expiry
  C. credential de-sync
  D. browser compatibility issues
  E. installed location file corruption
  A. network instabilities/outages
  C. credential de-sync

• Question 158:

  Which report could show all accounts that are past their expiration dates?

  A. Privileged Account Compliance Status report
  B. Activity log
  C. Privileged Account Inventory report
  D. Application Inventory report
  A. Privileged Account Compliance Status report

• Question 159:

  A password compliance audit found:

  1) One-time password access of 20 domain accounts that are members of Domain Admins group in Active Directory are not being enforced.

  2) All the sessions of connecting to domain controllers are not being recorded by CyberArk PSM.

  What should you do to address these findings?

  A. Edit the Master Policy and add two policy exceptions: enable "Enforce one-time password access", enable "Record and save session activity".
  B. Edit safe properties and add two policy exceptions: enable "Enforce one-time password access", enable "Record and save session activity".
  C. Edit CPM Settings and add two policy exceptions: enable "Enforce one-time password access", enable "Record and save session activity".
  D. Contact the Windows Administrators and request them to add two policy exceptions at Active Directory Level: enable "Enforce one-time password access", enable "Record and save session activity".
  A. Edit the Master Policy and add two policy exceptions: enable "Enforce one-time password access", enable "Record and save session activity".

• Question 160:

  A Logon Account can be specified in the Master Policy.

  A. TRUE
  B. FALSE
  B. FALSE