CyberArk PAM-CDE-RECERT Exam Questions Instant Access

Question 1

PSM captures a record of each command that was executed in Unix.

ATRIE

BFALSE

Answer : A

Question 2

What is the primary purpose of One Time Passwords?

AReduced risk of credential theft

BMore frequent password changes

CNon-repudiation (individual accountability)

DTo force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization.

Answer : A

Question 3

Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?

APSM (i.e., launching connections by clicking on the 'Connect' button in the PVWA)

BPSM for Windows (previously known as RDP Proxy)

CPSM for SSH (previously known as PSM SSH Proxy)

DAll of the above

Answer : A

Question 4

You need to move a platform from using PMTerminal to using Terminal Plugin Controller (TPC) What must you do?

AWithin PVWA
Click Administration > Platform Management
Select the platform and then click Edit.
In the left pane, click Automatic Password Management > CPM Plug-in
Set the ExeName parameter value to CyberArk TPC exe

BUsing PnvateArk. select the PasswordManager_Shared safe, and then select open Locate the mi file relating to the platform you wish to change and double click
At the bottom of the file, insert a line 'UseTPC = True' Remove any lines that reference 'PMTerminal' and save Return the mi file to the safe Restart CPM for this change to take effect

COpen the process file of the platform you wish to configure to use TPC Add the following parameter under the States section; 'use TPC=yes'

DIt is not possible to change a platform from using PMTerminal to using TPC You must locate a new version of the platform that supports TPC and import the new platform over-writing the existing platform

Answer : A

Question 5

The Privileged Access Management solution provides an out-of-the-box target platform to manage SSH keys, called UNIX Via SSH Keys.

How are these keys managed?

ACyberArk stores Private keys in the Vault and updates Public keys on target systems.

BCyberArk stores Public keys in the Vault and updates Private keys on target systems.

CCyberArk does not store Public or Private keys and instead uses a reconcile account to create keys on demand.

DCyberArk stores both Private and Public keys and can update target systems with either key.

Answer : A

Question 6

Which statement is correct concerning accounts that are discovered, but cannot be added to the Vault by an automated onboarding rule?

AThey are added to the Pending Accounts list and can be reviewed and manually uploaded.

BThey cannot be onboarded to the Password Vault.

CThey must be uploaded using third party tools.

DThey are not part of the Discovery Process.

Answer : D

Question 7

You have been asked to identify the up or down status of Vault services.

Which CyberArk utility can you use to accomplish this task?

AVault Replicator

BPAS Reporter

CRemote Control Agent

DSyslog

Answer : C

CyberArk CDE Recertification PAM-CDE-RECERT Exam Questions