CyberArk pam-sen practice test

Before the hardening process, your customer identified a PSM Universal Connector executable that will be required to run on the PSM.
Which file should you update to allow this to run?

• A. PSMConfigureAppLocker.xml
• B. PSMHardening.xml
• C. PSMAppConfig.xml
• D. PSMConfigureHardening.xml

You are installing a CPM.
In addition to Add Safes, Add/Update Users, Reset Users Passwords and Manage Server File Categories, which Vault authorization(s) does a CyberArk user need to install the CPM?

• A. Manage Directory Mapping
• B. Activate Users
• C. Backup All Safes, Restore All Safes
• D. Audit Users, Add Network Areas

You are configuring the Vault to send syslog audit data to your organizations SIEM solution.
What is a valid value for the SyslogServerProtocol parameter in DBPARM.INI file?

• A. TLS
• B. SSH
• C. SMTP
• D. SNMP

You have been asked to limit a platform called Windows_Servers to safes called WindowsDC1 and WindowsDC2. The platform must not be assigned to any other safe.
What is the correct way to accomplish this?

• A. Edit the Windows_Servers platform, expand Automatic Password Management, then select General and modify AllowedSafes to be (WindowsDC1)|(WindowsDC2).
• B. Edit the Windows_Servers platform, expand Automatic Password Management, then select Options and modify AllowedSafes to be (Win*).
• C. Edit the WindowsDC1 and WindowsDC2 safes through Safe Management, Add Windows_Servers to the AllowedPlatforms.
• D. Log in to PrivateArk using an Administrative user, Select File, Server File Categories, Locate the category WindowsServersAllowedSafes and specify WindowsDC1,WindowsDC2.

In which configuration file do you add LoadBalancerClientAddressHeader when you enable x-forwarding on the PVWA loadbalancer?

• A. PVconfiguration.xml
• B. web.config
• C. apigw.ini
• D. CyberArkScheduledTasks.exe.config

After installing the first PSM server and before installing additional PSM servers, you must ensure the user performing the installation is not a direct owner of which safe?

• A. PSMUnmanagedSessionAccounts Safe
• B. PSMRecordingsSessionAccounts Safe
• C. PSMUnmanagedApplicationAccounts Safe
• D. PSMSessionBackupAccounts Safe

All 80 employees from your satellite Tokyo office are complaining that browsing the PVWA site is very slow; however, your New York headquarters users are not experiencing this. The current PAM solution is:
2 distributed Vaults, the primary one in New York and a satellite in Tokyo
2 PVWA servers, both in New York with load balancing configured
2 PSM servers, both in New York without load balancing configured
1 CPM server in New York
All PVWA, PSM, and CPM servers are connected to the primary Vault
Which proposal optimally resolves the performance issue while minimizing the impact to production?

• A. Install two new PVWA servers in Tokyo data center, configure load balancing, connect to the local satellite Vault and provide the URL of new PVWA servers to the local employees.
• B. Install two new PVWA servers in New York data center, configure load balancing and have them connect to the satellite Vault in Tokyo.
• C. Install two new PSM servers in the Tokyo data center, configure load balancing, connect to the local satellite vault, and inform the local employees to browse using the same PVWA URL.
• D. Change the current distributed Vaults architecture, migrate back to a Primary-DR architecture, install two new PVWA servers in the Tokyo data center and configure load balancing. Connect to the local DR Vault and provide the URL of new PVWA servers to the local employees.

You are configuring SNMP remote monitoring for your organizations Vault servers.
In the PARAgent.ini, which parameter specifies the destination of the Vault SNMP traps?

• A. SNMPHostIP
• B. SNMPTrapPort
• C. SNMPCommunity
• D. SNMPVersion

What is a prerequisite step before CyberArk can be configured to support RADIUS authentication?

• A. Log on to the PrivateArk Client, display the User properties of the user to configure, run the Authentication method drop-down list, and select RADIUS authentication.
• B. In the RADIUS server, define the CyberArk Vault as a RADIUS client/agent.
• C. In the Vault installation folder, run CAVaultManager as administrator with the SecureSecretFiles command.
• D. Navigate to /Server/Conf and open DBParm.ini and set the RadiusServersInfo parameter.

You are beginning the post-install process after a manual PSM installation is completed.

What must you do?

• A. Disable screen saver for the PSM local users.
• B. Create a new group called PSMShadowUsers.
• C. Reset the PSMAdminConnect user password.
• D. Enable load balancing on the PSM server.