Free ACCESS-DEF Sample Questions — CyberArk Defender Access

What does the CyberArk Identity App Gateway work with? (Choose three.)

• A. SAML-Compliant Apps
• B. WS-Fed Enabled Apps
• C. OIDC Web Apps
• D. Thick Client (non-web-based Apps)
• E. Terminal Services
• F. Telnet

When logging on to the User Portal, which authentication methods can enable the user to bypass authentication rules and default profile? (Choose two.)

• A. Certification-Based Authentication (CBA)
• B. Integrated Windows Authentication (IWA)
• C. QR Code Authentication
• D. FIDO2 Authentication
• E. RADIUS Authentication

Which predefined roles does CyberArk Identity provide?

• A. System Administrator and Everybody
• B. Manage Users and Everybody
• C. System Administrator and Business Users
• D. Manage Users and Business Users

CyberArk Identity has created a CLI integration with which vendor?

• A. Amazon Web Services (AWS)
• B. Salesforce
• C. Microsoft
• D. Zoom

What can cause users to be prompted for unrecognized MFA factors, such as a wrong phone number or unregistered MFA factor?

• A. Someone installed the CyberArk Identity mobile app on a different phone with their credentials
• B. The administrator switched authentication profiles
• C. They mistyped their username
• D. Someone registered their phone number to the wrong username

You get the following error: "Not Authorized. You do not have permission to access this feature". What is most likely the cause of the error?

• A. user tried to sign in to the wrong identity tenant
• B. user tried to sign in before being created in Active Directory
• C. user gave someone else access to his/her laptop
• D. non-administrative user tried to access an administrative feature

Which administrative right is required to manually start a provisioning synchronization job?

• A. Application Management
• B. User Management
• C. System Enrollment
• D. Register and Administer connectors

When a user enrolls a mobile device (iOS or Android) without enabling mobile device management, what happens? (Choose three.)

• A. The device is added to the Endpoints page in the Admin and User portals
• B. The web applications assigned to the user are added to the Web Apps screen in the CyberArk Identity mobile app
• C. The associated mobile applications are added and available for deployment automatically
• D. The mobile device policies defined in the CyberArk Cloud Directory policy service policy set are installed
• E. The device's model name, serial number, OS number, and Network Carrier information will be uploaded to the Identity portal
• F. The mobile phone can now be used as a MFA Authentication Factor

The Security Operation Team requested a report to show users who have logged in the last seven days. Which report in the Builtin Reports Library should you use?

• A. Active Users
• B. MFA Summary
• C. Logins Map
• D. Top User Logins

Which 2FA/MFA options can be used if users cannot use their mobile device? (Choose two.)

• A. FIDO2
• B. Security questions
• C. OAUTH2
• D. QR code
• E. Push notification app

An organization previously allowed users to add their personal apps on the Identity User Portal. This will soon be disabled due to policy changes. What is the impact to the users for personal apps previously added to the User Portal?

• A. They will continue to function normally; however, users cannot add new apps
• B. They will continue to display on the Apps screen and user devices; however, they will be greyed out and unavailable for any form of interaction
• C. They will be deleted from the Apps screen and user devices
• D. They will continue to display on the Apps screen and user devices; however, an error message will display when users try to open the application

Which browsers are supported for the "Land and Catch" feature? (Choose three.)

• A. Google Chrome
• B. Apple Safari
• C. Microsoft Internet Explorer
• D. Firefox
• E. Microsoft Edge
• F. Opera

Within a Web App connector, which feature does an admin use to grant users access?

• A. Trust
• B. Workflow
• C. Provisioning
• D. Permissions

Where can you download the CyberArk Identity mobile app? (Choose two.)

• A. Download section of the Admin Portal
• B. CyberArk Support portal
• C. Apple App Store
• D. email attachment
• E. Google Play Store

Which options are available with Self-Service Password Reset? (Choose three.)

• A. Enable users with Active Directory accounts who have forgotten their password to log in and reset it
• B. Perform Self-Service Password Reset for the Organization's corporate accounts, such as Twitter, Facebook, or Instagram
• C. Users must log in after a password reset
• D. maximum number of times can be specified that users can reset their password within a specific timeframe
• E. Users must respond to a CAPTCHA before resetting their password
• F. Use Helpdesk Caller Identity (Identity Verification) to confirm user identity