CyberArk Defender – PAM & Sentry – PAM Practice Exam – Updated PAM-DEF-SEN Dumps V10.02

1. What do you need on the Vault to support LDAP over SSL?

2. You are troubleshooting a PVWA slow response.

Which log files should you analyze first? (Choose two.)

3. What is the easiest way to duplicate an existing platform?

4. DRAG DROP

Match each key to its recommended storage location.

5. Due to corporate storage constraints, you have been asked to disable session monitoring and recording for 500 testing accounts used for your lab environment.

How do you accomplish this?

6. A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.

What is the correct location to identify users or groups who can approve?

7. What must you specify when configuring a discovery scan for UNIX? (Choose two.)

8. To change the safe where recordings are kept for a specific platform, which setting must you update in the platform configuration?

9. Which processes reduce the risk of credential theft? (Choose two.)

10. You are onboarding 5,000 UNIX root accounts for rotation by the CPM. You discover that the CPM is unable to log in directly with the root account and will need to use a secondary account.

How can this be configured to allow for password management using least privilege?

11. DRAG DROP

ADR Vault became active due to a failure of the primary Vault. Service on the primary Vault has now been restored. Arrange the steps to return the DR vault to its normal standby mode in the correct sequence.

12. Which methods can you use to add a user directly to the Vault Admin Group? (Choose three.)

13. Which Automatic Remediation is configurable for a PTA detection of a "Suspected Credential Theft"?

14. Which item is an option for PSM recording customization?

15. DRAG DROP

Match the built-in Vault user with the correct definition.

16. You want to create a new onboarding rule.

Where do you accomplish this?

17. What does the Export Vault Data (EVD) utility do?

18. When are external vault users and groups synchronized by default?

19. You created a new safe and need to ensure the user group cannot see the password, but can connect through the PSM.

Which safe permissions must you grant to the group? (Choose two.)

20. During a High Availability node switch you notice an error and the Cluster Vault Manager Utility fails back to the original node.

Which log files should you check to investigate the cause of the issue? (Choose three.)

21. Which parameters can be used to harden the Credential Files (CredFiles) while using CreateCredFile Utility? (Choose three.)

22. Where can a user with the appropriate permissions generate a report? (Choose two.)

23. Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support.

Which logs will be most useful for the CyberArk Support Team to debug the issue? (Choose three.)

24. You have been asked to identify the up or down status of Vault Services.

Which CyberArk utility can you use to accomplish this task?

25. A new colleague created a directory mapping between the Active Directory groups and the Vault.

Where can the newly Configured directory mapping be tested?

26. A user needs to view recorded sessions through the PVWA.

Without giving auditor access, which safes does a user need access to view PSM recordings? (Choose two.)

27. Which file must be edited on the Vault to configure it to send data to PTA?

28. You want to build a connector that connects to a website through the Web applications for PSM framework.

Which default connector do you duplicate and modify?

29. DRAG DROP

A new HTML5 Gateway has been deployed in your organization.

From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.

30. When an account is unable to change its own password, how can you ensure that password reset with the reconcile account is performed each time instead of a change?

31. In a default CyberArk installation, which group must a user be a member of to view the "reports" page in PVWA?

32. Your organization requires all passwords be rotated every 90 days.

Where can you set this requirement?

33. According to CyberArk, which issues most commonly cause installed components to display as disconnected in the System Health Dashboard? (Choose two.)

34. Where can reconcile and/or logon accounts be linked to an account? (Choose two.)

35. You are running a "Privileged Accounts Inventory" Report through the Reports page in PVWA on a specific safe.

To show complete account inventory information, which permission/s are needed on that safe?