Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. CyberArk
  3. CyberArk CDE Certification
  4. PAM-CDE-RECERT - CyberArk CDE Recertification

PAM-CDE-RECERT Exam Dumps - CyberArk CDE Recertification

Question # 4

Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?

A.

Password change

B.

Password reconciliation

C.

Session suspension

D.

Session termination

Full Access
Question # 5

To ensure all sessions are being recorded, a CyberArk administrator goes to the master policy and makes configuration changes.

Which configuration is correct?

A.

Require privileged session monitoring and isolation = inactive; Record and save session activity = active.

B.

Require privileged session monitoring and isolation = inactive; Record and save session activity = inactive.

C.

Require privileged session monitoring and isolation = active; Record and save session activity = active.

D.

Require privileged session monitoring and isolation = active; Record and save session activity = inactive.

Full Access
Question # 6

You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.

Where do you update this permission for all auditors?

A.

Private Ark Client > Tools > Administrative Tools > Directory Mapping > Vault Authorizations

B.

Private Ark Client > Tools > Administrative Tools > Users and Groups > Auditors > Authorizations tab

C.

PVWA User Provisioning > LDAP integration > Vault Auditors Mapping > Vault Authorizations

D.

PVWA> Administration > Configuration Options > LDAP integration > Vault Auditors Mapping > Vault Authorizations

Full Access
Question # 7

What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?

A.

UnixPrompts.ini

B.

plink.exe

C.

dbparm.ini

D.

PVConfig.xml

Full Access
Question # 8

As vault Admin you have been asked to configure LDAP authentication for your organization's CyberArk users. Which permissions do you need to complete this task?

A.

Audit Users and Add Network Areas

B.

Audit Users and Manage Directory Mapping

C.

Audit Users and Add/Update Users

D.

Audit Users and Activate Users

Full Access
Question # 9

VAULT authorizations may be granted to_____.

A.

Vault Users

B.

Vault Groups

C.

LDAP Users

D.

LDAP Groups

Full Access
Question # 10

Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.

A.

Discovery and Audit (DMA)

B.

Auto Detection (AD)

C.

Export Vault Data (EVD)

D.

On Demand Privileges Manager (OPM)

E.

Accounts Discovery

Full Access
Question # 11

Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)

A.

Store the CD in a physical safe and mount the CD every time Vault maintenance is performed

B.

Copy the entire contents of the CD to the system Safe on the Vault

C.

Copy the entire contents of the CD to a folder on the Vault Server and secure it with NTFS permissions

D.

Store the server key in a Hardware Security Module (HSM) and copy the rest the keys from the CD to a folder on the Vault Server and secure it with NTFS permissions

Full Access
Question # 12

Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.

A.

PAR Agent

B.

PrivateArk Server Central Administration

C.

Edit DBParm.ini in a text editor.

D.

Setup.exe

Full Access
Question # 13

A newly created platform allows users to access a Linux endpoint. When users click to connect, nothing happens.

Which piece of the platform is missing?

A.

PSM-SSH Connection Component

B.

UnixPrompts.ini

C.

UnixProcess.ini

D.

PSM-RDP Connection Component

Full Access
Question # 14

Secure Connect provides the following. Choose all that apply.

A.

PSM connections to target devices that are not managed by CyberArk.

B.

Session Recording

C.

Real-time live session monitoring.

D.

PSM connections from a terminal without the need to login to the PVWA

Full Access
Question # 15

A Logon Account can be specified in the Master Policy.

A.

TRUE

B.

FALSE

Full Access
Question # 16

Which of these accounts onboarding methods is considered proactive?

A.

Accounts Discovery

B.

Detecting accounts with PTA

C.

A Rest API integration with account provisioning software

D.

A DNA scan

Full Access
Question # 17

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

A.

True

B.

False

Full Access
Question # 18

To manage automated onboarding rules, a CyberArk user must be a member of which group?

A.

Vault Admins

B.

CPM User

C.

Auditors

D.

Administrators

Full Access
Question # 19

Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?

A.

Accounts Discovery

B.

Auto Detection

C.

Onboarding RestAPI functions

D.

PTA Rules

Full Access
Question # 20

A new domain controller has been added to your domain. You need to ensure the CyberArk infrastructure can use the new domain controller for authentication.

Which locations must you update?

A.

on the Vault server in Windows\System32\Etc\Hosts and in the PVWA Application under Administration > LDAP Integration > Directories > Hosts

B.

on the Vault server in Windows\System32\Etc\Hosts and on the PVWA server in Windows\System32\Etc\Hosts

C.

in the Private Ark client under Tools > Administrative Tools > Directory Mapping

D.

on the Vault server in the certificate store and on the PVWA server in the certificate store

Full Access
Question # 21

Via Password Vault Web Access (PVWA), a user initiates a PSM connection to the target Linux machine using RemoteApp. When the client’s machine makes an RDP connection to the PSM server, which user will be utilized?

A.

Credentials stored in the Vault for the target machine

B.

Shadowuser

C.

PSMConnect

D.

PSMAdminConnect

Full Access
Question # 22

Users can be resulted to using certain CyberArk interfaces (e.g.PVWA or PACLI).

A.

TRUE

B.

FALS

Full Access
Question # 23

The Accounts Feed contains:

A.

Accounts that were discovered by CyberArk in the last 30 days

B.

Accounts that were discovered by CyberArk that have not yet been onboarded

C.

All accounts added to the vault in the last 30 days

D.

All users added to CyberArk in the last 30 days

Full Access
Question # 24

In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

A.

True.

B.

False. Because the user can also enter credentials manually using Secure Connect.

C.

False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSM Connect.

D.

False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.

Full Access
Question # 25

Accounts Discovery allows secure connections to domain controllers.

A.

TRUE

B.

FALSE

Full Access
Question # 26

When on-boarding account using Accounts Feed, Which of the following is true?

A.

You must specify an existing Safe where are account will be stored when it is on boarded to the Vault

B.

You can specify the name of a new sale that will be created where the account will be stored when it is on-boarded to the Vault.

C.

You can specify the name of a new Platform that will be created and associated with the account

D.

Any account that is on boarded can be automatically reconciled regardless of the platform it is associated with.

Full Access
Question # 27

For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.

A.

Create an exception to the Master Policy to exclude the group from the workflow process.

B.

Edith the master policy rule and modify the advanced’ Access safe without approval’ rule to include the group.

C.

On the safe in which the account is stored grant the group the’ Access safe without audit’ authorization.

D.

On the safe in which the account is stored grant the group the’ Access safe without confirmation’ authorization.

Full Access
Question # 28

In addition to disabling Windows services or features not needed for PVWA operations, which tasks does PVWA Hardening.ps1 perform when run?

A.

Performs IIS hardening: Imports the CyberArk INF configuration

B.

Performs IIS hardening: Configures all group policy settings

C.

Performs IIS hardening: Renames the local Administrator Account

D.

Configures Windows Firewall: Removes all installation files.

Full Access
Question # 29

Which user(s) can access all passwords in the Vault?

A.

Administrator

B.

Any member of Vault administrators

C.

Any member of auditors

D.

Master

Full Access
Question # 30

What is the easiest way to duplicate an existing platform?

A.

From PrivateArk, copy/paste the appropriate Policy.ini file; then rename it.

B.

From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform and then click Duplicate; name the new platform.

C.

From PrivateArk, copy/paste the appropriate settings in PVConfiguration.xml; then update the policyName variable.

D.

From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform, manually update the platform settings and click “Save as” INSTEAD of save to duplicate and rename the platform.

Full Access
Question # 31

What is the maximum number of levels of authorization you can set up in Dual Control?

A.

1

B.

2

C.

3

D.

4

Full Access

Hot Exams

ADM-201 Dumps
Sales-Cloud-Consultant Dumps
PCNSE Dumps
Service-Cloud-Consultant Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
Associate-Cloud-Engineer Dumps
350-701 Dumps
AZ-104 Dumps
CKA Dumps
SY0-601 Dumps
NCSE-Core Dumps