Latest PAM-DEF-SEN Practice Tests with Actual Questions

PAM-DEF-SEN Dumps

PAM-DEF-SEN Braindumps PAM-DEF-SEN Real Questions PAM-DEF-SEN Practice Test PAM-DEF-SEN Actual Questions

CyberArk

PAM-DEF-SEN

CyberArk Defender PAM & Sentry

https://killexams.com/pass4sure/exam-detail/PAM-DEF-SEN

Question: 106

A SIEM integration allows you to forward ITALOG records to a monitoring solution.

1. TRUE

2. FALSE

Answer: B

Question: 107

In a Distributed Vaults environment, which of the following components will NOT be communicating with the Satellite Vaults?

1. AAM Credential Provider (previously known as AIM Credential Provider)

2. ExportVaultData utility

3. PAReplicate utility

4. Central Policy Manager

Answer: D

Question: 108

What is the proper way to allow the Vault to resolve host names?

1. Define a DNS server

2. Define a WINS server

3. Defining the local hosts file

4. The Vault cannot resolve host names due to security standards

Answer: C

Question: 109

When working with the CyberArk Disaster Recovery (DR) solution, which services should be running on the DR Vault?

1. CyberArk Vault Disaster Recovery (DR), PrivateArk Database

2. CyberArk Vault Disaster Recovery

3. CyberArk Vault Disaster Recovery, PrivateArk Database, PrivateArk Server

4. CyberArk Vault Disaster Recovery, PrivateArk Database, CyberArk Event Notification Engine

Answer: D

Question: 110

A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?

1. Master

2. Administrator

3. Auditor

4. Backup

Answer: D

Question: 111

What is the purpose of the password verify process?

1. To test that CyberArk is storing accurate credentials for accounts.

2. To change the password of an account according to organizationally defined password rules.

3. To allow CyberArk to manage unknown or lost credentials.

4. To generate a new complex password.

Answer: A
Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying- Passwords.htm#:~:text=The%20CPM%20can%20verify%20password,manually%20by%20 an%20authorized%20user.

Question: 112

What is the primary purpose of Exclusive Accounts?

1. Reduced risk of credential theft

2. More frequent password changes

3. Non-repudiation (individual accountability)

4. To force a ‘collusion to commit’ fraud ensuring no single actor may use a password without authorization

Answer: C

Question: 113

Accounts Discovery allows secure connections to domain controllers.

A. TRU

C. FALSE

Answer: A

Question: 114

Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests?

1. HeadStartInterval

2. Interval

3. ImmediateInterval

4. The CPM does not change the password under this circumstance

Answer: C

Question: 115

To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers must to be configured to communicate with the Primary Vault and Satellite Vaults.

Which file needs to be changed on the PVWA to enable this setup?

1. Vault.ini

2. dbparm.ini

3. pvwa.ini

4. Satellite.ini

Answer: A
Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.1/en/Content/PAS%20INST/Password-Vault- Web-Access-Installation.htm

Question: 116

The ACME Company has been a CyberArk customer for many years. ACME Management has asked you to perform a “Health Check" review of the CyberArk deployment. During your analysis you discover that the PSM Component server is fully functional. The RDP SSL certificate is self-signed and the CyberArk Privileged Session Management Service is running under the Local Service. SSL 3.0 is enabled in the Registry.

1. The PSM Component Server is configured as defined in PAS Installation Guide.

2. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed and must be rebuilt.

3. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed. Hardening procedures must be applied manually to the existing configuration.

4. The PSM Component Server has been installed correctly but PVWA Hardening procedures have not been followed. Hardening procedures can be applied via the Installation Automation script or manually to the existing configuration.

Answer: A

Question: 117

Which of the following logs contain information about errors related to PTA?

1. ITAlog.log

2. diamond.log

3. pm_error.log

4. WebApplication.log

Answer: B

Question: 118

Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?

1. Use Accounts, Retrieve Accounts, List Accounts

2. Use Accounts, List Accounts

3. Use Accounts

4. List Accounts, Retrieve Accounts

Answer: D

Question: 119

tsparm.ini is the main configuration file for the vault.

1. TRUE

2. FALSE

Answer: B

Question: 120

Is it possible to modify the CyberArk Vault Audit Log?

1. Yes, a Vault administrator can modify the Audit log

2. No, the audit trail is tamper proof and cannot be edited, not even by Master

3. Yes, but only the Master user can modify the Audit log

4. Yes, a Vault administrator can edit the Audit log but only with explicit permission from CyberArk

Answer: B

Question: 121

Which of the following PTA detections are included in the Core PAS offering? (Choose all that apply.)

1. Suspected Credential Theft

2. Over-Pass-The-Hash

3. Golden Ticket

4. Unmanaged Privileged Access

Answer: A,B

Question: 122

Multiple PVWA servers provide automatic load balancing.

1. TRUE

2. FALSE

Answer: B