CyberArk PAM-DEF Exam Practice Test Instant Access

Question 1

Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

ARequire dual control password access Approval

BEnforce check-in/check-out exclusive access

CEnforce one-time password access

DEnforce check-in/check-out exclusive access & enforce one-time password access

Answer : B

According to the CyberArk Defender PAM documentation, the Master Policy setting that must be active in order to have an account checked-out by one user for a pre-determined amount of time is Enforce check-in/check-out exclusive access. This setting enables organizations to permit users to check out a 'one-time' password and lock it so that no other users can retrieve it at the same time. After the user has used the password, the user checks the password back into the Vault. This ensures exclusive usage of the privileged account, enabling full control and tracking for the password. The duration of the check-out period can be configured in the platform settings for each account.Reference:

Account check-out and check-in - CyberArk

Master Policy - CyberArk

Question 2

In your organization the ''click to connect'' button is not active by default.

How can this feature be activated?

APolicies > Master Policy > Allow EPV transparent connections > Inactive

BPolicies > Master Policy > Session Management > Require privileged session monitoring and isolation > Add Exception

CPolicies > Master Policy > Allow EPV transparent connections > Active

DPolicies > Master Policy > Password Management

Answer : C

The ''click to connect'' button is a feature that allows users to connect to target systems without entering their credentials manually. It is also known as EPV transparent connections or PSM transparent connections. To activate this feature, you need to enable theAllow EPV transparent connectionsparameter in the Master Policy. This parameter determines whether users can use the ''click to connect'' button to initiate a privileged session from the PVWA. If the parameter is set to Active, the button is enabled and users can connect to target systems with one click. If the parameter is set to Inactive, the button is disabled and users need to copy the credentials and paste them in the target system login screen.Reference:Connect and configure - CyberArk,How to enable/disable Connect button in PVWA console - force.com

Question 3

You are onboarding an account that is not supported out of the box.

What should you do first to obtain a platform to import?

ACreate a service ticket in the customer portal explaining the requirements of the custom platform.

BSearch common community portals like stackoverflow, reddit, github for an existing platform.

CFrom the platforms page, uncheck the ''Hide non-supported platforms'' checkbox and see if a platform meeting your needs appears.

DVisit the CyberArk marketplace and search for a platform that meets your needs.

Answer : D

The CyberArk marketplace is a platform that simplifies delivery of privileged access security solutions, such as CyberArk Privileged Account Security Solution. It features the industry's broadest and deepest portfolio of technology integrations, including platforms for various types of accounts. Customers can find and deploy integrations with CyberArk Marketplace in as little as four clicks. If there is no platform that meets the customer's needs, they can request a custom platform from CyberArk or create their own using the Platform Development Kit (PDK).Reference:CyberArk Marketplace,Platform Development Kit

Question 4

Which report could show all accounts that are past their expiration dates?

APrivileged Account Compliance Status report

BActivity log

CPrivileged Account Inventory report

DApplication Inventory report

Answer : A

The Privileged Account Compliance Status report shows the compliance status of all privileged accounts in the Vault, based on the expiration date and password change policy. This report can help identify accounts that are past their expiration dates and need to be updated or removed.Reference:

[Defender PAM Sample Items Study Guide], page 18, question 90

[CyberArk Privileged Access Security Documentation], version 12.3, Reports Guide, page 27, Privileged Account Compliance Status report

Question 5

Accounts Discovery allows secure connections to domain controllers.

ATRUE

BFALSE

Answer : B

Question 6

You are troubleshooting a PVWA slow response.

Which log files should you analyze first? (Choose two.)

AITALog.log

Bweb.config

CCyberArk.WebApplication.log

DCyberArk.WebConsole.log

Answer : C, D

When troubleshooting a slow response in the Privileged Vault Web Access (PVWA), the first log files to analyze are theCyberArk.WebApplication.logandCyberArk.WebConsole.log. These logs contain detailed information about the activities carried out by the PVWA and can help identify any problems that may occur.The log files are created by the PVWA and stored on the Web server in the location specified in the LogFolder parameter in the web.config file1. By examining these logs, you can track business flows and troubleshoot failures without having to enable debug mode.

CyberArk Docs - PVWA Logging1

Question 7

For Digital Vault Cluster in a high availability configuration, how does the cluster determine if a node is down?

AThe heartbeat s no longer detected on the private network.

BThe shared storage array is offline.

CAn alert is generated in the Windows Event log.

DThe Digital Vault Cluster does not detect a node failure.

Answer : A

In a Digital Vault Cluster environment, each node has a Cluster Vault Manager (CVM) service that monitors the local resources and the status of the other node via a private network1.The CVM service sends a heartbeat signal to the other node every few seconds to check its availability2.If the heartbeat is not detected for a certain period of time, the CVM service assumes that the other node is down and triggers a failover process3.The failover process involves shutting down the resources on the failed node and starting them on the available node4.Reference:Digital Vault Cluster environment,CyberArk High-Availability Vault Cluster,Manage the CyberArk Digital Cluster Vault Server,Local resources failover process

CyberArk Defender - PAM PAM-DEF Exam Practice Test