• Home
  • Articles
  • CyberArk PAM-DEF Exam Prep Guide Prep guide for the PAM-DEF Exam [Q91-Q110]

CyberArk PAM-DEF Exam Prep Guide Prep guide for the PAM-DEF Exam [Q91-Q110]

Share

CyberArk PAM-DEF Exam Prep Guide: Prep guide for the PAM-DEF Exam

2023 New Preparation Guide of CyberArk PAM-DEF Exam

NEW QUESTION 91
A Logon Account can be specified in the Master Policy.

  • A. TRUE
  • B. FALSE

Answer: B

 

NEW QUESTION 92
What is the primary purpose of Dual Control?

  • A. More frequent password changes
  • B. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization.
  • C. Reduced risk of credential theft
  • D. Non-repudiation (individual accountability)

Answer: B

 

NEW QUESTION 93
To enable the Automatic response "Add to Pending" within PTA when unmanaged credentials are found, what are the minimum permissions required by PTAUser for the PasswordManager_pending safe?

  • A. View Accounts, Update Account content, Update Account properties, Access Safe without confirmation, Manage Safe, View Audit
  • B. List Accounts, View Safe members, Add accounts (includes update properties), Update Account content, Update Account properties
  • C. Add accounts (includes update properties), Update Account content, Update Account properties, View Audit
  • D. List Accounts, Add accounts (includes update properties), Delete Accounts, Manage Safe

Answer: C

 

NEW QUESTION 94
Which service should NOT be running on the DR Vault when the primary Production Vault is up?

  • A. PrivateArk Database
  • B. CyberArk Logical Container
  • C. CyberArk Vault Disaster Recovery (DR) service
  • D. PrivateArk Server

Answer: D

 

NEW QUESTION 95
You are creating a shared safe for the help desk.
What must be considered regarding the naming convention?

  • A. Safe owners should determine the safe name to enable them to easily remember it.
  • B. Ensure your naming convention is no longer than 20 characters.
  • C. The use of these characters V:*<>".| is not allowed.
  • D. Combine environments, owners and platforms to minimize the total number of safes created.

Answer: C

 

NEW QUESTION 96
user has successfully conducted a short PSM session and logged off. However, the user cannot access the Monitoring tab to view the recordings.
What is the issue?

  • A. The PSM service is not running
  • B. The user must login as PSMAdminConnect
  • C. The user is not a member of the PVWAMonitor group
  • D. The user is not a member of the Auditors group

Answer: D

 

NEW QUESTION 97
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur

  • A. FALS
  • B. TRUE

Answer: B

 

NEW QUESTION 98
You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to [b]change [/b] the root account's password the CPM will.....

  • A. None of these
  • B. Log in to the system as root, then change root's password
  • C. Log in to the system as the logon account, then change roofs password
  • D. Log in to the system as the logon account, run the su command to log in as root, and then change root's password.

Answer: D

 

NEW QUESTION 99
Which built-in report from the reports page in PVWA displays the number of days until a password is due to expire?

  • A. Activity Log
  • B. Privileged Accounts CPM Status
  • C. Privileged Accounts Inventory
  • D. Privileged Accounts Compliance Status

Answer: D

 

NEW QUESTION 100
DRAG DROP
Arrange the steps to restore a Vault using PARestore for a Backup in the correct sequence.

Answer:

Explanation:

 

NEW QUESTION 101
DRAG DROP
For each listed prerequisite, identify if it is mandatory or not mandatory to run the PSM Health Check.

Answer:

Explanation:

 

NEW QUESTION 102
When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?

  • A. CPM
  • B. Platform
  • C. Connection Component
  • D. Vault

Answer: B

 

NEW QUESTION 103
You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.
Where do you update this permission for all auditors?

  • A. PVWA> Administration > Configuration Options > LDAP integration > Vault Auditors Mapping > Vault Authorizations
  • B. Private Ark Client > Tools > Administrative Tools > Directory Mapping > Vault Authorizations
  • C. Private Ark Client > Tools > Administrative Tools > Users and Groups > Auditors > Authorizations tab
  • D. PVWA User Provisioning > LDAP integration > Vault Auditors Mapping > Vault Authorizations

Answer: C

 

NEW QUESTION 104
The password upload utility must run from the CPM server

  • A. TRUE
  • B. FALSE

Answer: B

 

NEW QUESTION 105
Which of the following logs contains information about errors related to PTA?

  • A. diamond.log
  • B. pm_error.log
  • C. WebApplication.log
  • D. ITAlog.log

Answer: A

 

NEW QUESTION 106
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.

  • A. only those permissions that exist in all groups to which the user belongs.
  • B. the cumulative permissions of all groups to which that user belongs.
  • C. the vault will not allow this situation to occur.
  • D. only those permissions that exist on the group added to the safe first.

Answer: D

 

NEW QUESTION 107
Which of the following statements are NOT true when enabling PSM recording for a target Windows server?
(Choose all that apply)

  • A. RDP must be enabled on the target server
  • B. PSMConnect must be added as a local user on the target server
  • C. The PSM software must be instated on the target server
  • D. PSM must be enabled in the Master Policy (either directly, or through exception)

Answer: C,D

 

NEW QUESTION 108
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?

  • A. No, it is not possible.
  • B. Yes, if a logon account is associated with the root account.
  • C. Yes, when using the connect button, CyberArk uses the PMTerminal.exe process which bypasses the root SSH restriction.
  • D. Yes, only if a logon account is associated with the root account and the user connects through the PSM-SSH connection component.

Answer: D

 

NEW QUESTION 109
What is the chief benefit of PSM?

  • A. Automatic password management
  • B. Privileged session isolation
  • C. Privileged session recording
  • D. 'Privileged session isolation' and 'Privileged session recording'

Answer: C

 

NEW QUESTION 110
......

Latest Questions PAM-DEF Guide to Prepare Free Practice Tests: https://www.lead2passed.com/CyberArk/PAM-DEF-practice-exam-dumps.html

PAM-DEF Practice Exam - 180 Unique Questions: https://drive.google.com/open?id=1rBu1BVqPb7r03lkd8D9JCNzSAkm556XD

Related Articles

more
CyberArk PAM-DEF Certification Practice Exam