EMT Practice Test

1. Question Content...


Question List

Question1: In order to connect to a target device through PSM. the account credentials used for the connection must be stored in the vault?

Question2: The Remote Desktop Services role installed on PSM must be properly licensed by Microsoft.

Question3: A SIEM integration allows you to forward audit records to a monitoring solution.

Question4: Which of the following are prerequisites for installing PVWA? Check all that Apply.

Question5: dbparm.ini is the main configuration file for the vault.

Question6: An SMTP integration allows you to forward audit records from the vault to the SIEM.

Question7: What is the primary purpose of Dual Control?

Question8: If a user is a member of more than one group that has authorizations on a safe, by default that user is granted
__________________.

Question9: A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?

Question10: It is possible to disable the Show and Copy buttons without removing the Retrieve permission on a safe.

Question11: Which file would you modify to configure your Vault Server to forward Activity Logs to a SIEM or SYSLOG server?

Question12: Which of the following options is not set in the Master Policy?

Question13: The PSM Gateway (also known as the HTML5 Gateway) can be installed

Question14: What are the operating system prerequisites for installing CPM? Select all that apply.

Question15: The DR module allows an integration with Enterprise Backup software

Question16: PTA can automatically suspend sessions in case of suspicious activities detected in a privileged session, only if the session is made via the CyberArk PSM.

Question17: It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.

Question18: CyberArk Logical Container

Question19: Which of the following is NOT a use case for installing multiple CPMS?

Question20: For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure access a password without approval

Question21: Match the log file name with the CyberArk Component that generates the log.

Question22: A Logon Account can be specified in the platform settings

Question23: The System safe allows access to the Vault configuration files.

Question24: HA, DR, Replicate are mutually exclusive and cannot be used in the same environment.

Question25: What conditions must be met in order to log into the vault as the Master user? Select all that apply

Question26: Which parameter controls how often the CPM looks for accounts that need to be changed from recently completed Dual control requests?

Question27: Which report could show all audit data in the vault?

Question28: Multiple CPM Servers can be load balanced.

Question29: During ENE integration you should specify the Fully-Qualified Domain Name (FQDN) of the SMTP Gateway server.

Question30: In accordance with best practice. SSH access is denied for root accounts on UNIX/LINUX systems. What is the BEST way to allow CPM to manage root accounts.

Question31: In an SIEM integration it is recommended to use the fully-qualified domain name (FGDN) when specifying the SIEM server address(es).

Question32: The vault does not support Role Based Access Control

Question33: Which Built-in group grants access to the ADMINISTRATION page?

Question34: A SIEM integration is a powerful way to correlate Privileged Account Usage with Privileged Account Activity.

Question35: During LDAP/S integration you should specify the Fully Qualified Domain Name (FQDN) of the Domain Controller

Question36: tsparm.ini is the main configuration file for the vault.

Question37: One of your users is receiving the error message "ITATS006E Station is suspended for User jsmith" when attempting to sign in to the pvwa. Which utility would you use to correct this problem?

Question38: In an SMTP integration it is recommended to use the fully-qualified domain name (FQDN) when specifying the SMTP server addresses).

Question39: What is the purpose of the password Change process?

Question40: It is possible to restrict the time of day, or day of week that a change process can occur.

Question41: All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe The members of the AD group UnixAdmms need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation The members of the AD group OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.
Which safe permissions do you need to grant to UnixAdmins? Check all that apply

Question42: When working with the CyberArk Cluster, the Virtual IP is used by:

Question43: After the Vault Server is installed, the Microsoft Windows Firewall is now commandeered by the Vault Can the administrator change these firewall rules?

Question44: When the PSM Gateway (also known as the HTML5 ( End Point in order to launch connections via the PSM

Question45: What are the chief benefits of PSM? Choose all that apply

Question46: The Vault supports multiple instances of the following components Choose all that Apply

Question47: What is the primary purpose of One Time Passwords?

Question48: Multiple PVWA servers are always all active.

Question49: A Logon Account can be specified in the Master Policy

Question50: tsparm.ini is the main configuration file for the vault.

Question51: You have associated a logon account to one of your UNIX root accounts in the vault When attempting to verify the root account's password the CPM will...

Question52: Which of the following logs contain information about errors related to PTA?

Question53: When accessing the Vault via PVWA, is it possible, is it possible to configure multiple Dual Authentication Methods?

Question54: Which file is used to integrate the Vault with your Radius server?

Question55: Multiple PSM Servers can be load balanced.

Question56: What is the purpose of a password group?

Question57: Accounts Discovery allows secure connections to domain controllers.

Question58: Time of day of week restrictions on when password changes can occur are configured in ________________.

Question59: What values are acceptable in the address field on the Accounts Details.

Question60: Select the best practice for storing the Master CD.