clapgeek logo
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)
You are helping a customer prepare a Windows server for PSM installation. What is required for a successful installation?
Which command configures email alerts within PTA if settings need to be changed post install?
After installing the first PSM server and before installing additional PSM servers you must ensure the user performing the installation is not a direct owner of which safe?
You have been asked to identify the up or down status of Vault services.
Which CyberArk utility can you use to accomplish this task?
Which CyberArk group does a user need to be part of to view recordings or live monitor sessions?
Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?
Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.
Which steps should you perform to restore DR replication to normal?
Before the hardening process your customer identified a PSM Universal Connector executable that will be required to run on the PSM Which file should you update to allow this to run?
You are responsible for installing a CPM.
Which Vault authorizations will your CyberArk user need to install the CPM?
Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
Which step is required to register a Vault manually in Amazon Web Services using CAVaultManager?
Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests.
When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?
Users can be resulted to using certain CyberArk interfaces (e.g.PVWA or PACLI).
Customers who have the ‘Access Safe without confirmation’ safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
You are configuring the vault to send syslog audit data to your organization's SIEM solution. What is a valid value for the SyslogServerProtocol parameter in DBPARM.ini file?
Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?
The Vault administrator can change the Vault license by uploading the new license to the system Safe.
Which Automatic Remediation is configurable for a PTA detection of a “Suspected Credential Theft”?
What is the maximum number of levels of authorization you can set up in Dual Control?
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
To manage automated onboarding rules, a CyberArk user must be a member of which group?
Which option in the PrivateArk client is used to update users' Vault group memberships?
According to the DEFAULT Web Options settings, which group grants access to the REPORTS page?
Your organization has a requirement to allow users to “check out passwords” and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)
A customer installed multiple PVWAs in the production environment behind a load balancer VIP. They subsequently observed that all incoming traffic from the load balancer VIP goes to only one PVWA, even though all the PVWAs are up and running. What could be the likely cause of this situation?
You are logging into CyberArk as the Master user to recover an orphaned safe.
Which items are required to log in as Master?
Which component must be installed on the Vault if Distributed Vaults is used with PSM?
Your customer has five main data centers with one PVWA in each center under different URLs. How can you make this setup fault tolerant?
You are installing HTML5 gateway on a Linux host using the RPM provided. After installing the Tomcat webapp, what is the next step in the installation process?
You are installing PSM for SSH with AD-Bridge in CyberArkSSHD mode for your customer. ACME Corp What do you need to install to meet your customer's needs? (Choose 2)
Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.
The Privileged Access Management solution provides an out-of-the-box target platform to manage SSH keys, called UNIX Via SSH Keys.
How are these keys managed?
When a group is granted the 'Authorize Account Requests' permission on a safe Dual Control requests must be approved by
TESTED 03 Apr 2025
