Exam Code : PAM-DEF-SEN
Exam Name : CyberArk Defender PAM & Sentry
Vendor Name :
"CyberArk"
PAM-DEF-SEN Dumps
PAM-DEF-SEN Braindumps PAM-DEF-SEN Real Questions PAM-DEF-SEN Practice Test PAM-DEF-SEN Actual Questions
CyberArk Defender PAM & Sentry
https://killexams.com/pass4sure/exam-detail/PAM-DEF-SEN
Question: 106
A SIEM integration allows you to forward ITALOG records to a monitoring solution.
TRUE
FALSE
Question: 107
In a Distributed Vaults environment, which of the following components will NOT be communicating with the Satellite Vaults?
AAM Credential Provider (previously known as AIM Credential Provider)
ExportVaultData utility
PAReplicate utility
Central Policy Manager
Question: 108
What is the proper way to allow the Vault to resolve host names?
Define a DNS server
Define a WINS server
Defining the local hosts file
The Vault cannot resolve host names due to security standards
Question: 109
When working with the CyberArk Disaster Recovery (DR) solution, which services should be running on the DR Vault?
CyberArk Vault Disaster Recovery (DR), PrivateArk Database
CyberArk Vault Disaster Recovery
CyberArk Vault Disaster Recovery, PrivateArk Database, PrivateArk Server
CyberArk Vault Disaster Recovery, PrivateArk Database, CyberArk Event Notification Engine
Question: 110
A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?
Master
Administrator
Auditor
Backup
Question: 111
What is the purpose of the password verify process?
To test that CyberArk is storing accurate credentials for accounts.
To change the password of an account according to organizationally defined password rules.
To allow CyberArk to manage unknown or lost credentials.
To generate a new complex password.
Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying- Passwords.htm#:~:text=The%20CPM%20can%20verify%20password,manually%20by%20 an%20authorized%20user.
Question: 112
What is the primary purpose of Exclusive Accounts?
Reduced risk of credential theft
More frequent password changes
Non-repudiation (individual accountability)
To force a ‘collusion to commit’ fraud ensuring no single actor may use a password without authorization
Question: 113
Accounts Discovery allows secure connections to domain controllers.
A. TRU
C. FALSE
Question: 114
Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests?
HeadStartInterval
Interval
ImmediateInterval
The CPM does not change the password under this circumstance
Question: 115
To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers must to be configured to communicate with the Primary Vault and Satellite Vaults.
Which file needs to be changed on the PVWA to enable this setup?
Vault.ini
dbparm.ini
pvwa.ini
Satellite.ini
Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.1/en/Content/PAS%20INST/Password-Vault- Web-Access-Installation.htm
Question: 116
The ACME Company has been a CyberArk customer for many years. ACME Management has asked you to perform a “Health Check" review of the CyberArk deployment. During your analysis you discover that the PSM Component server is fully functional. The RDP SSL certificate is self-signed and the CyberArk Privileged Session Management Service is running under the Local Service. SSL 3.0 is enabled in the Registry.
The PSM Component Server is configured as defined in PAS Installation Guide.
The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed and must be rebuilt.
The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed. Hardening procedures must be applied manually to the existing configuration.
The PSM Component Server has been installed correctly but PVWA Hardening procedures have not been followed. Hardening procedures can be applied via the Installation Automation script or manually to the existing configuration.
Question: 117
Which of the following logs contain information about errors related to PTA?
ITAlog.log
diamond.log
pm_error.log
WebApplication.log
Question: 118
Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?
Use Accounts, Retrieve Accounts, List Accounts
Use Accounts, List Accounts
Use Accounts
List Accounts, Retrieve Accounts
Question: 119
tsparm.ini is the main configuration file for the vault.
TRUE
FALSE
Question: 120
Is it possible to modify the CyberArk Vault Audit Log?
Yes, a Vault administrator can modify the Audit log
No, the audit trail is tamper proof and cannot be edited, not even by Master
Yes, but only the Master user can modify the Audit log
Yes, a Vault administrator can edit the Audit log but only with explicit permission from CyberArk
Question: 121
Which of the following PTA detections are included in the Core PAS offering? (Choose all that apply.)
Suspected Credential Theft
Over-Pass-The-Hash
Golden Ticket
Unmanaged Privileged Access
Question: 122
Multiple PVWA servers provide automatic load balancing.
TRUE
FALSE