Exam Code : PAM-DEF
Exam Name : CyberArk Defender
Vendor Name :
"CyberArk"
PAM-DEF Dumps PAM-DEF Braindumps
PAM-DEF Real Questions PAM-DEF Practice Test PAM-DEF Actual Questions
CyberArk Defender
https://killexams.com/pass4sure/exam-detail/PAM-DEF
Question: 49
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
TRUE
FALSE
Password verification can be restricted to specific days. This means that the CPM will only verify passwords on the days of the week specified in the VFExecutionDays parameter. The days of the week are represented by the first 3 letters of the name of the day. Sunday is represented by Sun, Monday by Mon, etc.
Question: 50
A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.
True
False
Question: 51
What is the purpose of the PrivateArk Server service?
Executes password changes
Maintains Vault metadata
Makes Vault data accessible to components
Sends email alerts from the Vault
Question: 52
A user with administrative privileges to the vault can only grant other users privileges that he himself has.
TRUE
FALSE
Question: 53
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be changed.
HeadStartInterval
Interval
ImmediateInterval
The CPM does not change the password under this circumstance
Question: 54
In the screenshot displayed, you just configured the usage in CyberArk and want to update its password.
What is the least intrusive way to accomplish this?
Use the “change” button on the usage’s details page.
Use the “change” button on the parent account’s details page.
Use the “sync” button on the usage’s details page.
Use the “reconcile” button on the parent account’s details page.
Question: 55
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.
PAR Agent
PrivateArk Server Central Administration
Edit DBParm.ini in a text editor.
Setup.exe
PAR-Private Ark Remote Control Agent allows you to perform several Vault admin tasks (without restarting the Vault) and view machine statistics.
Question: 56
You receive this error: “Error in changepass to user domainuser on domain server(domain. (winRc=5) Access is denied.”
Which root cause should you investigate?
The account does not have sufficient permissions to change its own password.
The domain controller is unreachable.
The password has been changed recently and minimum password age is preventing the change.
The CPM service is disabled and will need to be restarted.
Reference: https://cyberark-customers.force.com/s/article/CPM-can-login-and-verify-a-password-but-can-t-change- the-password-winRc-5-Access-is-denied
Question: 57
Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?
Require dual control password access Approval
Enforce check-in/check-out exclusive access
Enforce one-time password access
Enforce check-in/check-out exclusive access & Enforce one-time password access
Question: 58
Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?
PSM (i.e., launching connections by clicking on the "Connect" button in the PVWA)
PSM for Windows (previously known as RDP Proxy)
PSM for SSH (previously known as PSM SSH Proxy)
All of the above
Question: 59
You are creating a Dual Control workflow for a team’s safe. Which safe permissions must you grant to the Approvers group?
List accounts, Authorize account request
Retrieve accounts, Access Safe without confirmation
Retrieve accounts, Authorize account request
List accounts, Unlock accounts
Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/PVWA-Dual- Control.htm (expand all and search for retrieve accounts)
Question: 60
A Vault administrator have associated a logon account to one of their Unix root accounts in the vault. When attempting to verify the root account’s password the Central Policy Manager (CPM) will:
ignore the logon account and attempt to log in as root
prompt the end user with a dialog box asking for the login account to use
log in first with the logon account, then run the SU command to log in as root using the password in the Vault
none of these