CyberArk EPM-DEF Exam Practice Test Instant Access

Question 1

When adding the EPM agent to a pre-existing security stack on workstation, what two steps are CyberArk recommendations. (Choose two.)

AAdd any pre-existing security application to the Files to Be Ignored Always.

BAdd EPM agent to the other security tools exclusions.

CEPM agent should never be run with any other security tools.

DCreate new advanced policies for each security tool.

Answer : A, B

Question 2

If you want to diagnose agent EPM agent connectivity issues, what is the agent executable that can be used from the command line?

Avf_agent.exe

Bepm_agent.exe

Cvault_agent.exe

Ddb_agent.exe

Answer : B

Question 3

After a clean installation of the EPM agent, the local administrator password is not being changed on macOS and the old password can still be used to log in.

What is a possible cause?

ASecure Token on macOS endpoint is not enabled.

BEPM agent is not able to connect to the EPM server.

CAfter installation, Full Disk Access for the macOS agent to support EPM policies was not approved.

DEndpoint password policy is too restrictive.

Answer : A

Question 4

A particular user in company ABC requires the ability to run any application with administrative privileges every day that they log in to their systems for a total duration of 5 working days.

What is the correct solution that an EPM admin can implement?

AAn EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours

BAn EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours and Terminate administrative processes when the policy expires option unchecked

CAn EPM admin can create an authorization token for each application needed by running: EPMOPAGtool.exe -command gentoken -targetUser <username> -filehash <file hash> -timeLimit 120 -action run

DAn EPM admin can create a secure token for the end user's computer and instruct the end user to open an administrative command prompt and run the command vfagent.exe -UseToken <securetoken_value>

Answer : B

Question 5

Where would an EPM admin configure an application policy that depends on a script returning true for an end user's machine being connected to an open (no password protection) Wi-Fi?

AAdvanced Policy - Application Control - Check Wi-Fi security

BAdvanced Policy - Options: Conditional enforcement - Apply Policy according to Script execution result

CDefault policies - Check if network access is secure

DAdvanced Policy - Access - Specify permissions to be set for Wi-Fi network security

Answer : B

Question 6

An end user is experiencing performance issues on their device after the EPM Agent had been installed on their machine. What should the EPM Administrator do first to help resolve the issue?

AVerify any 3rd party security solutions have been added to EPM's Files To Be Ignored Always configuration and CyberArk EPM has also been excluded from the 3rd party security solutions.

BEnable the Default Policy's Privilege Management Control, Unhandled Privileged Applications in Elevate mode.

CRerun the agent installation on the user's machine to repair the installation.

DUninstall or disable any anti-virus software prohibiting the EPM Agent functionalities.

Answer : D

Question 7

What can you manage by using User Policies?

AJust-In-Time endpoint access and elevation, access to removable drives, and Services access.

BAccess to Windows Services only.

CFilesystem and registry access, access to removable drives, and Services access.

DJust-In-Time endpoint access and elevation, access to removable drives, filesystem and registry access, Services access, and User account control monitoring.

Answer : D

CyberArk Defender - EPM Exam Practice Test