CyberArk PAM-DEF Exam Practice Test Instant Access

Question 1

A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.

Which locations must you update?

Aon the Vault server in Windows\System32\Etc\Hosts and in the PVWA Application under Administration > LDAP Integration > Directories > Hosts

Bon the Vault server in Windows\System32\Etc\Hosts and on the PVWA server in Windows\System32\Etc\Hosts

Cin the Private Ark client under Tools > Administrative Tools > Directory Mapping

Don the Vault server in the certificate store and on the PVWA server in the certificate store

Answer : C

%20user%20management%20using%20LDAP%7C_____2

Question 2

Due to network activity, ACME Corp's PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.

Which steps should you perform to restore DR replication to normal?

AReplicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

BShutdown PrivateArk Server on DR Vault > Start replication on DR vault

CShutdown PrivateArk Server on Primary Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

DShutdown PrivateArk Server on DR Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

Answer : A

Question 3

You are creating a shared safe for the help desk.

What must be considered regarding the naming convention?

AEnsure your naming convention is no longer than 20 characters.

BCombine environments, owners and platforms to minimize the total number of safes created.

CSafe owners should determine the safe name to enable them to easily remember it.

DThe use of these characters V:*<>'.| is not allowed.

Answer : D

Question 4

You receive this error:

''Error in changepass to user domain\user on domain server(\domain.(winRc=5) Access is denied.''

Which root cause should you investigate?

AThe account does not have sufficient permissions to change its own password.

BThe domain controller is unreachable.

CThe password has been changed recently and minimum password age is preventing the change.

DThe CPM service is disabled and will need to be restarted.

Answer : A

Question 5

You are creating a Dual Control workflow for a team's safe.

Which safe permissions must you grant to the Approvers group?

AList accounts, Authorize account request

BRetrieve accounts, Access Safe without confirmation

CRetrieve accounts, Authorize account request

DList accounts, Unlock accounts

Answer : C

Question 6

Which usage can be added as a service account platform?

AKerberos Tokens

BIIS Application Pools

CPowerShell Libraries

DLoosely Connected Devices

Answer : D

Question 7

When running a ''Privileged Accounts Inventory'' Report through the Reports page in PVWA on a specific safe, which permission/s are required on that safe to show complete account inventory information?

AList Accounts, View Safe Members

BManage Safe Owners

CList Accounts, Access Safe without confirmation

DManage Safe, View Audit

Answer : A

CyberArk Defender - PAM Exam Practice Test