PAM-DEF-SEN Dumps

PAM-DEF-SEN Braindumps PAM-DEF-SEN Real Questions PAM-DEF-SEN Practice Test PAM-DEF-SEN Actual Questions


CyberArk


PAM-DEF-SEN


CyberArk Defender PAM & Sentry


https://killexams.com/pass4sure/exam-detail/PAM-DEF-SEN


Question: 106


A SIEM integration allows you to forward ITALOG records to a monitoring solution.

  1. TRUE

  2. FALSE


Answer: B


Question: 107


In a Distributed Vaults environment, which of the following components will NOT be communicating with the Satellite Vaults?

  1. AAM Credential Provider (previously known as AIM Credential Provider)

  2. ExportVaultData utility

  3. PAReplicate utility

  4. Central Policy Manager


Answer: D


Question: 108


What is the proper way to allow the Vault to resolve host names?

  1. Define a DNS server

  2. Define a WINS server

  3. Defining the local hosts file

  4. The Vault cannot resolve host names due to security standards


Answer: C


Question: 109


When working with the CyberArk Disaster Recovery (DR) solution, which services should be running on the DR Vault?

  1. CyberArk Vault Disaster Recovery (DR), PrivateArk Database

  2. CyberArk Vault Disaster Recovery

  3. CyberArk Vault Disaster Recovery, PrivateArk Database, PrivateArk Server

  4. CyberArk Vault Disaster Recovery, PrivateArk Database, CyberArk Event Notification Engine


Answer: D


Question: 110

A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?

  1. Master

  2. Administrator

  3. Auditor

  4. Backup


Answer: D


Question: 111


What is the purpose of the password verify process?

  1. To test that CyberArk is storing accurate credentials for accounts.

  2. To change the password of an account according to organizationally defined password rules.

  3. To allow CyberArk to manage unknown or lost credentials.

  4. To generate a new complex password.


Answer: A Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying- Passwords.htm#:~:text=The%20CPM%20can%20verify%20password,manually%20by%20 an%20authorized%20user.


Question: 112


What is the primary purpose of Exclusive Accounts?

  1. Reduced risk of credential theft

  2. More frequent password changes

  3. Non-repudiation (individual accountability)

  4. To force a ‘collusion to commit’ fraud ensuring no single actor may use a password without authorization


Answer: C


Question: 113


Accounts Discovery allows secure connections to domain controllers.

A. TRU

C. FALSE


Answer: A


Question: 114


Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests?

  1. HeadStartInterval

  2. Interval

  3. ImmediateInterval

  4. The CPM does not change the password under this circumstance


Answer: C


Question: 115


To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers must to be configured to communicate with the Primary Vault and Satellite Vaults.


Which file needs to be changed on the PVWA to enable this setup?

  1. Vault.ini

  2. dbparm.ini

  3. pvwa.ini

  4. Satellite.ini


Answer: A Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.1/en/Content/PAS%20INST/Password-Vault- Web-Access-Installation.htm


Question: 116


The ACME Company has been a CyberArk customer for many years. ACME Management has asked you to perform a “Health Check" review of the CyberArk deployment. During your analysis you discover that the PSM Component server is fully functional. The RDP SSL certificate is self-signed and the CyberArk Privileged Session Management Service is running under the Local Service. SSL 3.0 is enabled in the Registry.

  1. The PSM Component Server is configured as defined in PAS Installation Guide.

  2. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed and must be rebuilt.

  3. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed. Hardening procedures must be applied manually to the existing configuration.

  4. The PSM Component Server has been installed correctly but PVWA Hardening procedures have not been followed. Hardening procedures can be applied via the Installation Automation script or manually to the existing configuration.

Answer: A


Question: 117


Which of the following logs contain information about errors related to PTA?

  1. ITAlog.log

  2. diamond.log

  3. pm_error.log

  4. WebApplication.log


Answer: B


Question: 118


Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?

  1. Use Accounts, Retrieve Accounts, List Accounts

  2. Use Accounts, List Accounts

  3. Use Accounts

  4. List Accounts, Retrieve Accounts


Answer: D


Question: 119


tsparm.ini is the main configuration file for the vault.

  1. TRUE

  2. FALSE


Answer: B


Question: 120


Is it possible to modify the CyberArk Vault Audit Log?

  1. Yes, a Vault administrator can modify the Audit log

  2. No, the audit trail is tamper proof and cannot be edited, not even by Master

  3. Yes, but only the Master user can modify the Audit log

  4. Yes, a Vault administrator can edit the Audit log but only with explicit permission from CyberArk


Answer: B


Question: 121


Which of the following PTA detections are included in the Core PAS offering? (Choose all that apply.)

  1. Suspected Credential Theft

  2. Over-Pass-The-Hash

  3. Golden Ticket

  4. Unmanaged Privileged Access


Answer: A,B


Question: 122


Multiple PVWA servers provide automatic load balancing.

  1. TRUE

  2. FALSE


Answer: B