Exam4Training

CyberArk CAU305 CyberArk CDE Recertification Online Training

Question #1

Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?

  • A . Password change
  • B . Password reconciliation
  • C . Session suspension
  • D . Session termination

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/Security­Configuration.htm

Question #2

dbparm.ini is the main configuration file for the Vault.

  • A . True
  • B . False

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASREF/DBParm.ini.htm

Question #3

When working with the CyberArk High Availability Cluster, which services are running on the passive node?

  • A . Cluster Vault Manager and PrivateArk Database
  • B . Cluster Vault Manager, PrivateArk Database and Remote Control Agent
  • C . Cluster Vault Manager
  • D . Cluster Vault Manager and Remote Control Agent

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Managing­the-CyberArk-Digital-Cluster-Vault-Server.htm

Question #4

When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.

  • A . True, this is the default behavior.
  • B . False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the padr.ini file.
  • C . True, if the AllowFailback setting is set to "yes" in the padr.ini file.
  • D . False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the dbparm.ini file.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.3/en/Content/PASIMP/Initiating­DR-Failback-to-Production-Vault.htm

Question #5

Which onboarding method is used to integrate CyberArk with the accounts provisioning process?

  • A . Accounts Discovery
  • B . Auto Detection
  • C . Onboarding RestAPI functions
  • D . PTA rules

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Provisioning-Accounts-Automatically.htm

Question #6

Which file is used to open up a non-standard firewall port to the Vault?

  • A . dbparm.ini
  • B . PARagent.ini
  • C . passparm.ini
  • D . Vault.ini

Reveal Solution Hide Solution

Correct Answer: A
Question #7

When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?

  • A . PasswordManager
  • B . PasswordManager_Pending
  • C . PasswordManager_workspace
  • D . PasswordManager_ADIntemal

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://www.niap-ccevs.org/MMO/Product/st_vid11006-agd4.pdf (558)

Question #8

What are the functions of the Remote Control Agent service? (Choose three.)

  • A . Allows remote monitoring the Vault
  • B . Sends SNMP traps from the Vault
  • C . Maintains audit data
  • D . Allows CyberArk services to be managed (start/stop/status) remotely

Reveal Solution Hide Solution

Correct Answer: ABD
ABD

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Privileged-Account-Security-Remote-Administration.htm#:~:text=The%20CyberArk%20Vault%20Remote%20Control,and%20the%20Disaster%20Recovery%20Server

Question #9

In a Distributed Vaults environment, which of the following components will NOT be communicating with the Satellite Vaults?

  • A . AAM Credential Provider (previously known as AIM Credential Provider)
  • B . ExportVaultData utility
  • C . PAReplicate utility
  • D . Central Policy Manager

Reveal Solution Hide Solution

Correct Answer: D
Question #10

When managing SSH keys, the Central Policy Manager (CPM) stores the private key __________.

  • A . in the Vault
  • B . on the target server
  • C . in the Vault and on the target server
  • D . nowhere because the private key can always be generated from the public key

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SSHKM/Managing %20SSH%20Keys.htm

Question #11

The PSM requires the Remote Desktop Web Access role service.

  • A . True
  • B . False

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Before-Installing-PSM.htm

Question #12

Access control to passwords is implemented by __________.

  • A . Vault authorizations
  • B . Safe authorizations
  • C . Master Policy
  • D . platform settings

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object­Level-Access-Control.htm

Question #13

During the process of installing the Central Policy Manager (CPM), the Vault administrator will be asked to provide the credentials for an administrative user in the Vault.

For which purpose are these credentials used?

  • A . The credentials will be used later by the CPM to retrieve passwords from the Vault.
  • B . The credentials are used by the installer to register the CPM in the CyberArk database.
  • C . The credentials are used by the installer to authenticate to the Vault and create the Central Policy Manager (CPM) environment (Safes, users. etc.).
  • D . The credentials will be used later by the CPM to update passwords in the Vault.

Reveal Solution Hide Solution

Correct Answer: C
Question #14

What is the purpose of the password verify process?

  • A . To test that CyberArk is storing accurate credentials for accounts.
  • B . To change the password of an account according to organizationally defined password rules.
  • C . To allow CyberArk to manage unknown or lost credentials.
  • D . To generate a new complex password.

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying­Passwords.htm#:~:text=The%20CPM%20can%20verify%20password,manually%20by%20an%20authorized%20user

Question #15

For a Safe with object level access control enabled the Vault administrator is able to turn off object level access control when it no longer needed on the Safe.

  • A . True
  • B . False

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object­Level-Access-Control.htm

Exit mobile version