New Year Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

CAU201 Questions and Answers

Question # 6

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

A.

True

B.

False

Full Access
Question # 7

To manage automated onboarding rules, a CyberArk user must be a member of which group?

A.

Vault Admins

B.

CPM User

C.

Auditors

D.

Administrators

Full Access
Question # 8

Which PTA sensors are required to detect suspected credential theft?

A.

Logs, Vault Logs

B.

Logs, Network Sensor, Vault Logs

C.

Logs, PSM Logs, CPM Logs

D.

Logs, Network Sensor, EPM

Full Access
Question # 9

For a safe with Object Level Access enabled you can turn off Object Level Access Control when it no longer needed on the safe.

A.

TRUE

B.

FALSE

Full Access
Question # 10

When a group is granted the 'Authorize Account Requests' permission on a safe Dual Control requests must be approved by

A.

Any one person from that group

B.

Every person from that group

C.

The number of persons specified by the Master Policy

D.

That access cannot be granted to groups

Full Access
Question # 11

Your organization has a requirement to allow users to “check out passwords” and connect to targets with the same account through the PSM.

What needs to be configured in the Master policy to ensure this will happen?

A.

Enforce check-in/check-out exclusive access = active; Require privileged session monitoring and isolation = active

B.

Enforce check-in/check-out exclusive access = inactive; Require privileged session monitoring and isolation = inactive

C.

Enforce check-in/check-out exclusive access = inactive; Record and save session activity = active

D.

Enforce check-in/check-out exclusive access = active; Record and save session activity = inactive

Full Access
Question # 12

Match the log file name with the CyberArk Component that generates the log.

Full Access
Question # 13

You need to recover an account localadmin02 for target server 10.0.123.73 stored in Safe Team1.

What do you need to recover and decrypt the object? (Choose three.)

A.

Recovery Private Key

B.

Recover.exe

C.

Vault data

D.

Recovery Public Key

E.

Server Key

F.

Master Password

Full Access
Question # 14

In accordance with best practice, SSH access is denied for root accounts on UNIX/LINUX system. What is the BEST way to allow CPM to manage root accounts.

A.

Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Reconcile account of the target server’s root account.

B.

Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server’s root account.

C.

Configure the Unix system to allow SSH logins.

D.

Configure the CPM to allow SSH logins.

Full Access
Question # 15

Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.

A.

TRUE

B.

FALSE

Full Access
Question # 16

A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.

A.

True

B.

False

Full Access
Question # 17

Via Password Vault Web Access (PVWA), a user initiates a PSM connection to the target Linux machine using RemoteApp. When the client’s machine makes an RDP connection to the PSM server, which user will be utilized?

A.

Credentials stored in the Vault for the target machine

B.

Shadowuser

C.

PSMConnect

D.

PSMAdminConnect

Full Access
Question # 18

Users are unable to launch Web Type Connection components from the PSM server. Your manager asked you to open the case with CyberArk Support.

Which logs will help the CyberArk Support Team debug the issue? (Choose three.)

A.

PSMConsole.log

B.

PSMDebug.log

C.

PSMTrace.log

D.

.Component.log

E.

PMconsole.log

F.

ITAlog.log

Full Access
Question # 19

Which of the Following can be configured in the Master Poky? Choose all that apply.

A.

Dual Control

B.

One Time Passwords

C.

Exclusive Passwords

D.

Password Reconciliation

E.

Ticketing Integration

F.

Required Properties

G.

Custom Connection Components

Full Access
Question # 20

VAULT authorizations may be granted to_____.

A.

Vault Users

B.

Vault Groups

C.

LDAP Users

D.

LDAP Groups

Full Access
Question # 21

Which of the following properties are mandatory when adding accounts from a file? (Choose three.)

A.

Safe Name

B.

Platform ID

C.

All required properties specified in the Platform

D.

Username

E.

Address

F.

Hostname

Full Access
Question # 22

Which service should NOT be running on the DR Vault when the primary Production Vault is up?

A.

PrivateArk Database

B.

PrivateArk Server

C.

CyberArk Vault Disaster Recovery (DR) service

D.

CyberArk Logical Container

Full Access
Question # 23

Which item is an option for PSM recording customization?

A.

Windows events text recorder with automatic play-back

B.

Windows events text recorder and universal keystrokes recording simultaneously

C.

Universal keystrokes text recorder with windows events text recorder disabled

D.

Custom audio recording for windows events

Full Access
Question # 24

What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?

A.

Min Validity Period

B.

Interval

C.

Immediate Interval

D.

Timeout

Full Access
Question # 25

A user has successfully conducted a short PSM session and logged off. However, the user cannot access the Monitoring tab to view the recordings.

What is the issue?

A.

The user must login as PSMAdminConnect

B.

The PSM service is not running

C.

The user is not a member of the PVWAMonitor group

D.

The user is not a member of the Auditors group

Full Access
Question # 26

Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

A.

TRUE

B.

FALSE

Full Access