CyberArk access-def practice test

An organization previously allowed users to add their personal apps on the Identity User Portal. This
will soon be disabled due to policy changes.
What is the impact to the users for personal apps previously added to the User Portal?

• A. They will continue to function normally; however, users cannot add new apps.
• B. They will continue to display on the Apps screen and user devices; however, they will be greyed out and unavailable for any form of interaction.
• C. They will be deleted from the Apps screen and user devices.
• D. They will continue to display on the Apps screen and user devices; however, an error message will display when users try to open the application.

Which protocols can CyberArk provide MFA for VPN? (Choose two.)

• A. SAML
• B. RADIUS
• C. IMAP
• D. TACACS
• E. LDAP

Which device enrollment settings are valid? (Choose two.)

• A. Send notification on device enrollment
• B. Enable invite based enrollment
• C. Minimum number of devices a user can enroll
• D. Reassign the device to another user
• E. Permanently delete device

What is considered an "Identity Provider Initiated" login to an application?

• A. After signing in to the CyberArk Identity portal, a user launches a SAML app by clicking an app tile.
• B. After visiting a third-party web app, a user is redirected to CyberArk Identity for authentication.
• C. A user visits a third party web app directly and signs in with local credentials.
• D. A user signs in to the CyberArk Identity portal and takes a screenshot of the portal to send to IT.

CyberArk Identity's App Gateway can be used to protect and access which option?

• A. on-premises Oracle web app
• B. cloud-hosted Salesforce environment
• C. a corporate laptop
• D. a web browser

DRAG DROP
Admins can enable self-service for users to unlock their accounts. There are four options under the
Admin Portal Core Services > Policies > User Security Policies > Self Service > Account Unlock options.
Match each option to the correct description.

Which predefined roles does CyberArk Identity provide?

• A. System Administrator and Everybody
• B. Manage Users and Everybody
• C. System Administrator and Business Users
• D. Manage Users and Business Users

When configuring an application to use the App Gateway, you do not have to change any
configurations in the application directly. You enable the application for App Gateway access in the
Admin Portal and input the existing URL that users enter to open the application. You can either use
an external URL that CyberArk Identity automatically generates, or you can continue using an
existing internal URL.
What is a disadvantage of using an existing internal URL for App Gateway connections?

• A. Existing links and bookmarks do not work outside of the corporate network.
• B. Users must use different URLs depending on whether they access the application internally or externally.
• C. More configuration is needed because you must upload the URL certificate and private key, and edit DNS settings.
• D. Users must use the same URLs regardless of whether they access the application internally or externally and this may confuse them.

What does the CyberArk Identity App Gateway work with? (Choose three.)

• A. SAML-Compliant Apps
• B. WS-Fed Enabled Apps
• C. OIDC Web Apps
• D. Thick Client (non-web-based Apps)
• E. Terminal Services
• F. Telnet

Which 2FA/MFA options can fulfill the "Something you are" requirement? (Choose two.)

• A. email
• B. CyberArk Identity mobile app
• C. F1D02
• D. phone call
• E. security questions