CyberArk pam-def practice test

When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?

• A. Platform
• B. Connection Component
• C. CPM
• D. Vault

Where can you check that the LDAP binding is using TCP/636?

• A. in Active Directory under "Users OU" => "User Properties" => "External Bindings" => "Port"
• B. in PVWA, under "LDAP Integration" => "LDAP" => "Directories" => "" => "Hosts" => "Host"
• C. in PrivateArk Client, under "Tools" => "Administrative Tools" => "Directory Mapping" => ""
• D. From the PVWA, connect to the domain controller using Test-NetConnection on Port 636.

What must you specify when configuring a discovery scan for UNIX? (Choose two.)

• A. Vault Administrator
• B. CPM Scanner
• C. root password for each machine
• D. list of machines to scan
• E. safe for discovered accounts

When are external vault users and groups synchronized by default?

• A. They are synchronized once every 24 hours between 1 AM and 5 AM.
• B. They are synchronized once every 24 hours between 7 PM and 12 AM.
• C. They are synchronized every 2 hours.
• D. They are not synchronized according to a specific schedule.

A user needs to view recorded sessions through the PVWA.
Without giving auditor access, which safes does a user need access to view PSM recordings? (Choose two.)

• A. Recordings safe
• B. Safe the account is in
• C. System safe
• D. PVWAConfiguration safe
• E. VaultInternal safe

In your organization the click to connect button is not active by default.
How can this feature be activated?

• A. Policies > Master Policy > Allow EPV transparent connections > Inactive
• B. Policies > Master Policy > Session Management > Require privileged session monitoring and isolation > Add Exception
• C. Policies > Master Policy > Allow EPV transparent connections > Active
• D. Policies > Master Policy > Password Management

You have been asked to identify the up or down status of Vault Services.
Which CyberArk utility can you use to accomplish this task?

• A. PrivateArk Central Administration Console
• B. PAS Reporter
• C. PrivateArk Remote Control Agent
• D. Syslog

You have been asked to create an account group and assign three accounts which belong to a cluster. When you try to create a new group, you receive an unauthorized error; however, you are able to edit other aspects of the account properties.
Which safe permission do you need to manage account groups?

• A. create folders
• B. specify next account content
• C. rename accounts
• D. manage safe

Which file must be edited on the Vault to configure it to send data to PTA?

• A. dbparm.ini
• B. PARAgent.ini
• C. my.ini
• D. padr.ini

Before failing back to the production infrastructure after a DR exercise, what must you do to maintain audit history during the DR event?

• A. Ensure that the Production Instance replicates changes that occurred from the Disaster Recovery Instance.
• B. Briefly stop and start the Disaster Recovery Instance before attempting to fail components back to the Production Instance.
• C. Stop the CPM services before starting the production server.
• D. Perform an IIS Reset on all PVWA servers.