CyberArk PAM-DEF CyberArk Defender - PAM Exam Practice Test

Page: 1 / 14
Total 239 questions
Question 1

Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.



Answer : A, B

To change debugging levels on the vault without having to restart the vault, you can use the following utilities:

PAR Agent: This is a utility that runs on the vault server and allows you to change the debug level of the vault by editing the PARAgent.ini file. You can set the EnableTrace parameter to yes and specify the debug level in the DebugLevel parameter. The changes will take effect immediately without restarting the vault.The log file is located in the PARAgent.log file1.

PrivateArk Server Central Administration: This is a graphical user interface that runs on the vault server and allows you to change the debug level of the vault by selecting the vault server and clicking the Debug button. You can choose the debug level from a list of predefined options or enter a custom value. The changes will take effect immediately without restarting the vault.The log files are located in the Trace.dX files, where X is a number from 0 to 42.

You cannot use the following utilities to change debugging levels on the vault without having to restart the vault:

Edit DBParm.ini in a text editor: This is a configuration file that stores the vault parameters, such as the database name, port, and password.Editing this file does not affect the debug level of the vault, and requires restarting the vault for the changes to take effect3.

Setup.exe: This is an installation program that runs on the vault server and allows you to install, upgrade, or uninstall the vault.It does not allow you to change the debug level of the vault, and requires restarting the vault for any changes to take effect4.Reference:

1:Configure Debug Levels, Vault section, PARAgent subsection

2:Configure Debug Levels, Vault section, PrivateArk Server Central Administration subsection

3:CyberArk Privileged Access Security Implementation Guide, Chapter 2: Installing the Vault, Section: Configuring the Vault, Subsection: DBParm.ini

4:CyberArk Privileged Access Security Implementation Guide, Chapter 2: Installing the Vault, Section: Installing the Vault


Question 2

By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?



Answer : B

Security Admins are the built-in group that can view and configure Automatic Remediation and Session Analysis and Response in the PVWA. These features are part of the Privileged Threat Analytics (PTA) module, which is designed to detect and respond to anomalous activities and risky behaviors in the privileged environment. Security Admins have the permissions to access the PTA settings and configure the policies and actions for Automatic Remediation and Session Analysis and Response.Reference:

Defender PAM Sample Items Study Guide, page 18, question 49

Privileged Threat Analytics Implementation Guide, page 9, section ''Security Admins''


Question 3

When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online.



Answer : C

When a DR Vault Server becomes an active vault, it will automatically fail back to the original state once the Primary Vault comes back online, if the AllowFailback setting is set to ''yes'' in the padr.ini file. The padr.ini file is the configuration file for the Disaster Recovery application, which enables the DR Vault to replicate data from the Primary Vault and take over its role in case of a failure. The AllowFailback setting determines whether the DR Vault will automatically switch back to the passive mode when the Primary Vault is restored.The default value of this setting is ''no'', which means that the DR Vault will remain active until a manual failback is performed1.To enable the automatic failback, the setting must be changed to ''yes'' and the padr service must be restarted1.The dbparm.ini file is not relevant to this setting, as it is the main configuration file for the Vault database2.Reference:

Configure the DR Vault - CyberArk, section ''AllowFailback''

DBParm.ini - CyberArk, section ''Main parameters''


Question 4

A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.

Which locations must you update?



Answer : A

When a new domain controller is added to a domain, it is necessary to update the CyberArk infrastructure to ensure it can use the new domain controller for authentication. This involves updating thehosts fileon theVault serverlocated atWindows\System32\Etc\Hoststo include the new domain controller's details. Additionally, within thePVWA Application, you need to navigate toAdministration > LDAP Integration > Directories > Hostsand update the information there as well.This ensures that both the Vault server and the PVWA Application are aware of the new domain controller and can authenticate against it1.


CyberArk's official documentation on configuring Active Directory integration, which includes details on setting up domain controllers for authentication2.

Information on adding Active Directory as a directory service in CyberArk Identity, which discusses the integration of domain controllers3.

Question 5

You are onboarding an account that is not supported out of the box.

What should you do first to obtain a platform to import?



Answer : D

The CyberArk marketplace is a platform that simplifies delivery of privileged access security solutions, such as CyberArk Privileged Account Security Solution. It features the industry's broadest and deepest portfolio of technology integrations, including platforms for various types of accounts. Customers can find and deploy integrations with CyberArk Marketplace in as little as four clicks. If there is no platform that meets the customer's needs, they can request a custom platform from CyberArk or create their own using the Platform Development Kit (PDK).Reference:CyberArk Marketplace,Platform Development Kit


Question 6

A Logon Account can be specified in the Master Policy.



Answer : B

A Logon Account cannot be specified in the Master Policy.The Master Policy is a set of rules that define the security and compliance policy of privileged accounts in the organization, such as access workflows, password management, session monitoring, and auditing1.The Master Policy does not include any technical settings that determine how the system manages accounts on various platforms1.A Logon Account is a technical setting that defines the account that the CPM uses to log on to a target system and perform password management tasks, such as changing, verifying, or reconciling passwords2.A Logon Account can be specified in the Platform Management settings, which are configured by the IT administrator for each platform2.The Platform Management settings are independent of the Master Policy and can be customized according to the organization's environment and security policies1.Reference:

The Master Policy

[Platform Management]


Question 7

The Vault administrator can change the Vault license by uploading the new license to the system Safe.



Answer : A

According to the web search results, the Vault administrator can change the Vault license by uploading the new license to the system Safe123. This can be done either from the Vault machine or from a remote machine using the PrivateArk client. The new license file should be named license.xml and replace the current one in the system Safe. This can be done without having to reinstall the Vault or restart the service.


Page:    1 / 14   
Total 239 questions