CyberArk EPM-DEF Exam Practice Test Instant Access

Question 1

How does CyberArk EPM's Ransomware Protection feature monitor for Ransomware Attacks?

AIt compares known ransomware signatures retrieved from virus databases.

BIt sandboxes the suspected ransomware and applies heuristics.

CIt monitors for any unauthorized access to specified files.

DIt performs a lookup of file signatures against VirusTotal's database.

Answer : B

Question 2

If Privilege Management is not working on an endpoint, what is the most likely cause that can be verified in the EPM Agent Log Files?

ABehavior of the elevation prompt for administrators in Admin Approval Mode is set to ''Prompt for Consent for non-Windows binaries''.

BAgent version is incompatible.

CUAC policy Admin Approval for the Built-in Administrator Account is set to ''Disabled''.

DUAC policy Run all administrators in Admin Approval Mode is set to ''Enabled''.

Answer : D

Question 3

When adding the EPM agent to a pre-existing security stack on workstation, what two steps are CyberArk recommendations. (Choose two.)

AAdd any pre-existing security application to the Files to Be Ignored Always.

BAdd EPM agent to the other security tools exclusions.

CEPM agent should never be run with any other security tools.

DCreate new advanced policies for each security tool.

Answer : A, B

Question 4

For the CyberArk EPM Threat Deception Credential Lure feature, what is the recommendation regarding the username creation?

AThe username should match to an existing account.

BThe username should have a strong password associated.

CThe username should not match to an existing account.

DThe username should match the built-in local Administrator.

Answer : C

Question 5

An EPM Administrator would like to enable CyberArk EPM's Ransomware Protection in Restrict mode. What should the EPM Administrator do?

ASet Block unhandled applications to On.

BSet Protect Against Ransomware to Restrict.

CSet Protect Against Ransomware to Restrict and Set Block unhandled applications to On.

DSet Control unhandled applications to Detect.

Answer : C

Question 6

What unauthorized change can CyberArk EPM Ransomware Protection prevent?

AWindows Registry Keys

BWebsite Data

CLocal Administrator Passwords

DCertificates in the Certificate Store

Answer : D

Question 7

When working with credential rotation at the EPM level, what is the minimum time period that can be set between connections?

A1 hour

B5 hours

C24 hours

D72 hours

Answer : D

CyberArk Defender - EPM Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7