CyberArk Sentry Questions + Answers

Business, Finance, Economics, Accounting, Operations Management, Computer Science, Electrical Engineering, Mechanical Engineering, Civil Engineering, Chemical Engineering, Algebra, Precalculus, Statistics and Probabilty, Advanced Math, Physics, Chemistry, Biology, Nursing, Psychology, Certifications, Tests, Prep, and more.
Post Reply
answerhappygod
Site Admin
Posts: 899603
Joined: Mon Aug 02, 2021 8:13 am

CyberArk Sentry Questions + Answers

Post by answerhappygod »

Question 1 ( Topic 1 )
What would be a good use case for the Replicate module?
A. Recovery Time Objectives or Recovery Point Objectives are at or near zero.
B. Integration with an Enterprise Backup Solution is required.
C. Off site replication is required.
D. PSM is used.


Answer : C

Question 2 ( Topic 1 )
What is the PRIMARY reason for installing more than 1 active CPM?
A. Installing CPMs in multiple sites prevents complex firewall rules to manage devices at remote sites.
B. Multiple instances create fault tolerance.
C. Multiple instances increase response time.
D. Having additional CPMs increases the maximum number of devices CyberArk can manage.


Answer : D

Question 3 ( Topic 1 )
What is the purpose of the password Reconcile process?
A. To test that CyberArk is storing accurate credentials for accounts.
B. To change the password of an account according to organizationally defined password rules.
C. To allow CyberArk to manage unknown or lost credentials.
D. To generate a new complex password.


Answer : B

Reference:
https://www.cyberark.com/blog/securing- ... de-part-4/
Question 4 ( Topic 1 )
Which file would you modify to configure the vault to send SNMP traps to your monitoring solution?
A. dbparm.ini
B. paragent.ini
C. ENEConf.ini
D. padr.ini


Answer : B

Question 5 ( Topic 1 )
When a DR vault server becomes an active vault, it will automatically fail back to the original state once the primary vault comes back online.
A. True, this is the default behavior.
B. False, this is not possible.
C. True, if the ג€˜AllowFailbackג€™ setting is set to yes in the PADR.ini file.
D. True, if the ג€˜AllowFailbackג€™ setting is set to yes in the dbparm.ini file.


Answer : C


Question 6 ( Topic 1 )
In order to avoid conflicts with the hardening process, third party applications like Antivirus and Backup Agents should be installed on the Vault server before installing the Vault.
A. TRUE
B. FALSE


Answer : B

Question 7 ( Topic 1 )
If a transparent user matches two different directory mappings, how does the system determine which user template to use?
A. The system will use the template for the mapping listed first.
B. The system will use the template for the mapping listed last.
C. The system will grant all of the vault authorizations from the two templates.
D. The system will grant only the vault authorizations that are listed in both templates.


Answer : A

Question 8 ( Topic 1 )
The primary purpose of the CPM is Password Management.
A. TRUE
B. FALSE


Answer : A

Reference:
https://www.cse-cst.gc.ca/en/system/fil ... ec-eng.pdf
(7)
Question 9 ( Topic 1 )
The vault server uses a modified version of the Microsoft Windows firewall.
A. TRUE
B. FALSE


Answer : B

Question 10 ( Topic 1 )
In a SIEM integration it is possible to use the fully-qualified domain name (FQDN) when specifying the SIEM server address(es).
A. TRUE
B. FALSE


Answer : A


Question 11 ( Topic 1 )
What would be a good use case for a High Availability vault?
A. Recovery Time Objectives or Recovery Point Objectives are at or near zero.
B. Integration with an Enterprise Backup Solution is required.
C. Off site replication is required.
D. PSM is used.


Answer : A

Question 12 ( Topic 1 )
What are the operating system prerequisites for installing CPM?
A. .NET 3.51 Framework Feature
B. Web Services Role
C. Remote Desktop Services Role
D. Windows 2008 R2 or higher.


Answer : A

Reference:
https://www.cse-cst.gc.ca/en/system/fil ... ec-eng.pdf
(11)
Question 13 ( Topic 1 )
A vault admin received an email notification that a password verification process has failed. Which service sent the message?
A. The PrivateArk Server Service on the Vault.
B. The CyberArk Password Manager service on the Components Server.
C. The CyberArk Even Notification Engine Service on the Vault.
D. The CyberArk Privileged Session Manager service on the Vault.


Answer : C

Reference:

Question 14 ( Topic 1 )
A stand alone Vault server requires DNS services to operate properly.
A. TRUE
B. FALSE


Answer : B

Question 15 ( Topic 1 )
The connect button requires PSM to work.
A. TRUE
B. FALSE


Answer : B


Question 16 ( Topic 1 )
After a PSM session is complete, the PSM server uploads the recording to the Vault for long-term storage.
A. TRUE
B. FALSE


Answer : A

Question 17 ( Topic 1 )
By default, the vault secure protocol uses which IP port and protocol.
A. TCP/1858
B. TCP/443
C. UDP/1858
D. TCP/80


Answer : A

Reference:
http://docplayer.net/53689072-The-cyber ... urity.html
Question 18 ( Topic 1 )
What is the best practice for storing the Master CD?
A. Copy the files to the Vault server and discard the CD.
B. Copy the contents of the CD to a Hardware Security Module and discard the CD.
C. Store the CD in a secure location, such as a physical safe.
D. Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder (secured with NTFS permission) on the vault.


Answer : D

Question 19 ( Topic 1 )
What utility is used to create or update a credential file?
A. CreateCredFile.exe
B. CAVaultManager.exe
C. Central Policy Manager
D. Password Vault Web Access


Answer : A

Reference:
https://edoc.site/pas-install-and-confi ... -free.html
Question 20 ( Topic 1 )
You are successfully managing passwords in the alpha.cyberark.com domain; however, when you attempt to manage a password in the beta.cyberark.com domain, you receive the ג€˜network path not foundג€™ error. What should you check first?
A. That the username and password are correct.
B. That the CPM can successfully resolve addresses in the beta.cyberark.com domain.
C. That the end user has the correct permissions on the safe.
D. That an appropriate trust relationship exists between alpha.cyberark.com and beta.ceberark.com


Answer : B

Question 21 ( Topic 1 )
What is the name of the account used to establish the initial RDP session from the end user client machine to the PSM server?
A. PSMConnect
B. PSMAdminConnect
C. PSM
D. The credentials the end user retrieved from the vault.


Answer : A

Question 22 ( Topic 1 )
To apply a new license file you must:
A. Upload the license.xml file to the System Safe.
B. Upload the license.xml file to the VaultInternal Safe.
C. Upload the license.xml file to the System Safe and restart the PrivateArk Server service.
D. Upload the license.xml file to the VaultInternal Safe and restart the PrivateArk Server service.


Answer : A

Reference:

Question 23 ( Topic 1 )
At what point is a transparent user provisioned in the vault?
A. When a directory mapping matching that user id is created.
B. When a vault admin runs LDAP configuration wizard.
C. The first time the user logs in.
D. During the vaultג€™s nightly LDAP refresh.


Answer : A

Question 24 ( Topic 1 )
Which of the following are supported authentication methods for CyberArk? Check all that apply.
A. CyberArk Password (SRP)
B. LDAP
C. SAML
D. PKI
E. RADIUS
F. OracleSSO
G. Biometric


Answer : BDE

Reference:
https://training.cyberark.com/instructo ... -configure
Question 25 ( Topic 1 )
The security of the Vault Server is entirely dependent on the security of the network.
A. TRUE
B. FALSE


Answer : B
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!
Top
Post Reply

Return to “Archived Questions & Answers”