PAM-CDE-RECERT Exam PDF [2023] Tests Free Updated Today with Correct 208 Questions
CyberArk PAM-CDE-RECERT Exam Preparation Guide and PDF Download
NEW QUESTION # 21
You have been asked to configure SNMP remote monitoring for your organization's Vault servers. In the PARAgent.ini, which parameter specifies the destination of the Vault SNMP Traps?
- A. SNMPHostIP
- B. SNMPTrapPort
- C. SNMP Version
- D. SNMPCommunity
Answer: A
NEW QUESTION # 22
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.
- A. TRUE
- B. FALSE
Answer: A
NEW QUESTION # 23
The primary purpose of exclusive accounts is to ensure non-repudiation (Individual accountability).
- A. TRUE
- B. FALS
Answer: A
NEW QUESTION # 24
Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?
- A. PSM for SSH (previously known as PSM SSH Proxy)
- B. PSM for Windows (previously known as RDP Proxy)
- C. All of the above
- D. PSM (i.e., launching connections by clicking on the "Connect" button in the PVWA)
Answer: D
NEW QUESTION # 25
Your organization requires all passwords be rotated every 90 days.
Where can you set this regulatory requirement?
- A. PVWAConfig.xml
- B. Safe Templates
- C. Master Policy
- D. Platform Configuration
Answer: C
NEW QUESTION # 26
Within the Vault each password is encrypted by:
- A. the recovery public key
- B. the recovery private key
- C. the server key
- D. its own unique key
Answer: D
NEW QUESTION # 27
What is the purpose of the CyberArk Event Notification Engine service?
- A. It sends email messages from the Vault.
- B. It sends email messages from the Central Policy Manager (CPM).
- C. It processes audit report messages.
- D. It makes Vault data available to components.
Answer: A
NEW QUESTION # 28
What is the easiest way to duplicate an existing platform?
- A. From PrivateArk, cop/paste the appropriate setting in the PVConfiguration.xml then update the policName variable.
- B. From the PVWA, navigate to the platforms page, select existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" instead of save to duplicate and rename the platform.
- C. from the PVWA, navigate to the platforms page, select the existing platform that is similar to the new target account platform and click Duplicate, name the new platform.
- D. From PrivateArk, copy/paste the appropriate Policy.ini file: then rename it.
Answer: C
NEW QUESTION # 29
In a default CyberArk installation, which group must a user be a member of to view the "reports" page in PVWA?
- A. ReportUsers
- B. PVWAReports
- C. PVWAMonitor
- D. Operators
Answer: C
NEW QUESTION # 30
Which of these accounts onboarding methods is considered proactive?
- A. Accounts Discovery
- B. Detecting accounts with PTA
- C. A DNA scan
- D. A Rest API integration with account provisioning software
Answer: B
NEW QUESTION # 31
Match the built-in Vault User with the correct definition.
Answer:
Explanation:
Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Predefined-Users-and-Groups.htm?TocPath=Administration%7CUser%20Management%7C_____7
NEW QUESTION # 32
Which command configures email alerts within PTA if settings need to be changed post install?
- A. /opt/PTA/emailConfiguration.sh
- B. /opt/PTA/utility/emailConfig.sh
- C. /opt/tomcat/utility/emailSetup.sh
- D. /opt/tomcat/utility/emailConfiguration.sh
Answer: D
NEW QUESTION # 33
Which report shows the accounts that are accessible to each user?
- A. Entitlement report
- B. Privileged Accounts Compliance Status report
- C. Activity report
- D. Applications Inventory report
Answer: A
NEW QUESTION # 34
For the hardening process to complete successfully, the Vault administrator must ensure that the antivirus software on the Vault server is installed and up to date before running the installation.
- A. False
- B. True
Answer: A
NEW QUESTION # 35
A customer installed multiple PVWAs in the production environment behind a load balancer VIP. They subsequently observed that all incoming traffic from the load balancer VIP goes to only one PVWA, even though all the PVWAs are up and running. What could be the likely cause of this situation?
- A. SSL passthrough is not configured on the load balancer.
- B. The load balancing pool only has one PVWA server
- C. The Certificate of the load balancer is not a wild card cert
- D. The load balancing algorithm is the least connections algorithm.
Answer: B
NEW QUESTION # 36
An auditor needs to login to the PSM in order to live monitor an active session. Which user ID is used to establish the RDP connection to the PSM server?
- A. PSMGwUser
- B. PSMConnect
- C. PSMAdminConnect
- D. PSMMaster
Answer: C
NEW QUESTION # 37
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
- A. Associate a reconcile account and configure the platform to reconcile automatically
- B. Configure the Provider to change the password to match the Vault's Password
- C. Associate a logon account and configure the platform to reconcile automatically
- D. Run the correct auto detection process to rediscover the password
Answer: A
NEW QUESTION # 38
Which user is automatically added to all Safes and cannot be removed?
- A. Auditor
- B. Master
- C. Operator
- D. Administrator
Answer: B
NEW QUESTION # 39
When managing SSH keys, the CPM stored the Private Key
- A. A & B
- B. In the Vault
- C. Nowhere because the private key can always be generated from the public key.
- D. On the target server
Answer: B
NEW QUESTION # 40
In a rule using "Privileged Session Analysis and Response" in PTA, which session options are available to configure as responses to activities?
- A. Suspend, Terminate, None
- B. Pause, Terminate, None
- C. Suspend, Terminate, Lock Account
- D. Suspend, Terminate
Answer: D
NEW QUESTION # 41
When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.
- A. True, this is the default behavior.
- B. False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the dbparm.ini file.
- C. True, if the AllowFailback setting is set to "yes" in the padr.ini file.
- D. False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the padr.ini file.
Answer: A
NEW QUESTION # 42
VAULT authorizations may be granted to_____.
- A. LDAP Groups
- B. LDAP Users
- C. Vault Groups
- D. Vault Users
Answer: B
NEW QUESTION # 43
Which of the following Privileged Session Management (PSM) solutions provide a detailed audit log of session activities?
- A. PSM (i.e., launching connections by clicking on the connect button in the PVWA)
- B. PSM for SSH (previously known as PSM-SSH Proxy)
- C. All of the above
- D. PSM for Windows (previously known as RDP Proxy)
Answer: D
NEW QUESTION # 44
......
Verified & Correct PAM-CDE-RECERT Practice Test Reliable Source Nov 22, 2023 Updated: https://braindumps.free4torrent.com/PAM-CDE-RECERT-valid-dumps-torrent.html