PAM-DEF Exam Questions
233 real PAM-DEF exam questions with expert-verified answers and explanations. Page 1 of 5.
- Question #1
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted________.
- Question #2
It is possible to control the hours of the day during which a user may log into the vault.
- Question #3
VAULT authorizations may be granted to_____.
- Question #4
What is the purpose of the Interval setting in a CPM policy?
- Question #5
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be ab...
- Question #6
What is the purpose of the Immediate Interval setting in a CPM policy?
- Question #7
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.
- Question #8
A Logon Account can be specified in the Master Policy.
- Question #9
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
- Question #10
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
- Question #11
Which report provides a list of account stored in the vault.
- Question #12
When on-boarding account using Accounts Feed, Which of the following is true?
- Question #13
Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.
- Question #14
Which one the following reports is NOT generated by using the PVWA?
- Question #15
PSM captures a record of each command that was executed in Unix.
- Question #16
Platform settings are applied to _________.
- Question #17
Customers who have the `Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the accoun...
- Question #18
What is the name of the Platform parameters that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?
- Question #19
It is possible to leverage DNA to provide discovery functions that are not available with auto- detection.
- Question #20
Which of the following files must be created or configured m order to run Password Upload Utility? Select all that apply.
- Question #21
Users can be resulted to using certain CyberArk interfaces (e.g.PVWA or PACLI).
- Question #22
What is the purpose of the HeadStartlnterval setting m a platform?
- Question #23
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur
- Question #24
Which of the following options is not set in the Master Policy?
- Question #25
The primary purpose of exclusive accounts is to ensure non-repudiation (Individual accountability).
- Question #26
The System safe allows access to the Vault configuration files.
- Question #27
You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to [b]change [/b] the root account's password the CPM will.....
- Question #28
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur
- Question #29
Which of the Following can be configured in the Master Poky? Choose all that apply.
- Question #30
If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?
- Question #31
What is the maximum number of levels of authorization you can set up in Dual Control?
- Question #32
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
- Question #33
In accordance with best practice, SSH access is denied for root accounts on UNIX/LINUX system. What is the BEST way to allow CPM to manage root accounts.
- Question #34
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)
- Question #35
The Password upload utility can be used to create safes.
- Question #36
Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.
- Question #37
A Reconcile Account can be specified in the Master Policy.
- Question #38
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?
- Question #39
SAFE Authorizations may be granted to____________. Select all that apply.
- Question #40
Secure Connect provides the following. Choose all that apply.
- Question #41
Which onboarding method would you use to integrate CyberArk with your accounts provisioning process?
- Question #42
What is the purpose of a linked account?
- Question #43
Which of the following PTA detections are included in the Core PAS offering?
- Question #44
One can create exceptions to the Master Policy based on ____________________.
- Question #45
The vault supports Role Based Access Control.
- Question #46
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?
- Question #47
A user with administrative privileges to the vault can only grant other users privileges that he himself has.
- Question #48
By default, members of which built-in groups will be able to view and configure Automatic Remediation and Session Analysis and Response in the PVWA?
- Question #49
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.
- Question #50
Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.