Free CAU302 Sample Questions — CyberArk Defender + Sentry

Which Built-In group grants access to the ADMINISTRATION page?

• A. PVWAMonitor
• B. PVWAUsers
• C. Auditors
• D. Vault Admins

Multiple Vault Servers can be load balanced.

• A. True
• B. False

Users complain they are unsuccessful attempting to authenticate to the Password Vault Web Access (PVWA) web site. After entering their credentials, they receive a `Timeout has expired`. You test the URL using multiple browsers and receive the same error. The CyberArk.WebApplication.log shows the `ITACM012S Timeout has expired` log entry. What is the next troubleshooting step you should take?

• A. Run an IISRESET on the PVWA server
• B. Check the CyberArk.WebConsole.log for errors
• C. Check network firewall rules to ensure the PVWA can communicate to the Vault over tcp_1858
• D. Check the health of the Vault Server and ensure all services are running

A Simple Mail Transfer Protocol (SMTP) integration allows you to forward audit records to a monitoring solution.

• A. TRUE
• B. FALSE

Which of the following PTA detections are included in the Core PAS offering? (Choose all that apply.)

• A. Suspected Credential Theft
• B. Over-Pass-The-Hash
• C. Golden Ticket
• D. Unmanaged Privileged Access

Which file is used to open up a non-standard Firewall port to the Vault?

• A. dbparm.ini
• B. PARagent.ini
• C. passparm.ini
• D. Vault.ini

Which parameter controls how often the Central Policy Manager (CPM) looks for one-time passwords that need to be changed?

• A. HeadStartInterval
• B. Interval
• C. ImmediateInterval
• D. The CPM does not change the password under this circumstance

The Vault needs to send Simple Network Management Protocol (SNMP) traps to your SNMP solution, which file is used to configure the IP address of the SNMP server?

• A. snmp.ini
• B. dbparm.ini
• C. ENEConf.ini
• D. PARagent.ini

Which one of the built-in Vault users is not automatically added to the safe when it is first created in PWA?

• A. Master
• B. Administrator
• C. Auditor
• D. Operator

What conditions must be met in order to log into the vault as the Master user? (Choose all that apply.)

• A. Logon must be originated from the console of the Vault Server or an EmergencyStation defined in DBParm.ini
• B. User must provide the correct master password
• C. Logon requires the Recovery Private Key to be accessible to the vault
• D. Logon must satisfy a challenge response request

A Vault administrator have associated a logon account to one of your UNIX root accounts in the vault. When attempting to change the root account's password the CPM will`¦

• A. Ignore the logon account and attempt to log in as root
• B. Prompt the end user with a dialog box asking for the login account to use
• C. Log in first with the logon account, then run the SU command to log in as root using the password in the Vault
• D. None of these

It is possible to restrict the time of day, or day of week that a verify process can occur

• A. TRUE
• B. FALSE

Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose all that apply.)

• A. Store the CD in a physical safe and mount the CD every time vault maintenance is performed
• B. Copy the entire contents of the CD to the System Safe on the vault
• C. Copy the entire contents of the CD to a folder on the Vault Server and secure it with NTFS permissions
• D. Store the server key in a Hardware Security Module (HSM) and copy the reset the keys from the CD to a folder on the Vault Server and secure it with NTFS permissions

A Vault Administrator wants to change the PSM Server ID to comply with a naming standard. What is the process for changing the PSM Server ID?

• A. First, logon to the PrivateArk Client as Administrator and open the PVWAConfig safe. Retrieve and edit the PVConfiguration.xml file. Search for the PSMServer Name and update the ID of the server you want to rename. Save the file and copy back to the PWAConfig safe. Restart the "CyberArk Privileged Session Manager" service on the PSM server
• B. Login to the PVWA, then change the PSMServer ID in Administration, System Configuration, Options, Privileged Session Management, Configured PSM Servers. Run an IISRESET on all PVWA servers
• C. First, login to the PVWA, browse to Administration, System Configuration, Options, Privileged Session Management, Configured PSM Servers and select the PSM Server you need to change from the list of servers. In the properties pane, set the value of the ID property to the new Server ID, click Apply and OK. Next, edit the basic_psm.ini file located on the PSM server in the PSM root directory and update the PSMServerID parameter with the new Server ID, save the file and restart the "CyberArk Privileged Session Manager" service on the PSM server
• D. Options A and B above is the correct procedure

What is the chief benefit of PSM?

• A. Privileged session isolation
• B. Automatic password management
• C. Privileged session recording
• D. Privileged session isolation and privileged session recording

What is the maximum number of levels of authorizations you can set up in Dual Control?

• A. 1
• B. 2
• C. 3
• D. 4

When working with the CyberArk Cluster, which service is considered Optional (i.e., failure of the service does not mandate a failover)?

• A. PrivateArk Server
• B. PrivateArk Database
• C. Event Notification Engine
• D. Logic Container

What values are acceptable in the address field on the Account?

• A. It must be a Fully Qualified Domain Name (FQDN)
• B. It must be an IP address
• C. It must be NetBIOS name
• D. Any name that is resolvable on the Central Policy Manager (CPM) server is acceptable

Which report could show all audit data in the vault?

• A. Privileged Account Compliance Status Report
• B. Activity Log
• C. Privileged Account Inventory Report
• D. Application Inventory Report

The ACME Company has been a CyberArk customer for many years. ACME Management has asked you to perform a `Health Check" review of the CyberArk deployment. During your analysis you discover that the PSM Component server is fully functional. The RDP SSL certificate is self-signed and the CyberArk Privileged Session Management Service is running under the Local Service. SSL 3.0 is enabled in the Registry.

• A. The PSM Component Server is configured as defined in PAS Installation Guide
• B. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed and must be rebuilt
• C. The PSM Component Server has been installed correctly but PSM Hardening procedures have not been followed. Hardening procedures must be applied manually to the existing configuration
• D. The PSM Component Server has been installed correctly but PVWA Hardening procedures have not been followed. Hardening procedures can be applied via the Installation Automation script or manually to the existing configuration