CyberArk ACCESS-DEF Exam Practice Test Instant Access

Question 1

A user's account information required for multi-factor authentication is not set up properly and is preventing the user from logging in.

What should you do?

AUse the MFA Unlock command in the Admin Portal to suspend multifactor authentication for 10 minutes.

BDelete the user's account and create a new one.

CAsk the user to delete all browser cookies, then try again.

DChange the user's director/ source from Active Directory to LDAP for authentication.

Answer : A

Question 2

Which protocols can CyberArk provide MFA for VPN? (Choose two.)

ASAML

BRADIUS

CIMAP

DTACACS

ELDAP

Answer : A, B

Question 3

Where can MFA filters be used? (Choose three.)

AUser and Admin Portal login

BApp level 2FA/MFA

CRADIUS

DSelf-service password reset

EEditing personal profile attributes

FOAUTH2 connections

Answer : A, B, D

Question 4

Which dashboard can display the applications launched by users, the application type, and the number of times they were launched?

AAdmin Portal: Applications Dashboard

BUser Portal: Activity

CAdmin Portal: Overview Dashboard

DUser Behavioral Analytics Portal: Insights Application User Login Summary Dashboard

Answer : A

Question 5

Refer to the exhibit.

This exhibit shows the base authentication policy for ACME Corporation. You must edit the policy to allow users to authenticate once if they fulfill certain authentication criteria.

How should you configure this policy to support BOTH?

AConfigure 'Challenge Pass-Through Duration' to be 'always'.

BConfigure FID02 authenticator as Challenge 1.

CConfigure FID02 authenticator as Challenge 2.

DConfigure QR Code as 'Single Authentication Mechanism'.

Answer : D

Question 6

Your organization wants to implement passwordless authentication for business critical web applications. CyberArk Identity manages access to these applications.

What can you do to facilitate the enforcement of this passwordless authentication initiative? (Choose two.)

AConfigure a certificate-based authentication policy in CyberArk Identity that only allows access to CyberArk Identity or the business critical web applications.

BSend an email to the affected users and get them to renew their authentication token(s).

CRoll out the CyberArk Windows Cloud Agent to the affected endpoints.

DRefresh the endpoint operating system and define the new authentication method.

ERoll out Secure Web Sessions to the applicable users.

Answer : A, C

Question 7

When logging on to the User Portal, which authentication methods can enable the user to bypass authentication rules and default profile? (Choose two.)

ACertification-Based Authentication (CBA)

BIntegrated Windows Authentication (IWA)

CQR Code Authentication

DFIDO2 Authentication

ERADIUS Authentication

Answer : B, D

CyberArk Defender Access ACCESS-DEF Exam Practice Test