EMT Practice Test

1. Question Content...


Question List

Question1: When a DR vault server becomes an active vault, it will automatically fail bacK to the original state once the primary vault comes back online.

Question2: Multiple PVWA servers can be load balanced.

Question3: What is the maximum number of levels of authorizations you can set up in Dual Control?

Question4: Which of the following are prerequisites for installing PVWA? Check all that Apply.

Question5: The Vault needs to send SNMP traps to your SNMP solution, which file is used to configure the IP address of the SNMP server?

Question6: An Auditor needs to login to the PSM in order to live monitor an active session. Which User ID is used to establish the RDP connection to the PSM server?

Question7: SAFE Authorizations may be granted to___________________.
Select all that apply.

Question8: Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.D18912E1457D5D1DDCBD40AB3BF70D5D

Question9: One can create exceptions to the Master Policy based on_________.

Question10: In Accounts Discovery, you can configure a Windows discovery to scan______________.

Question11: HA, DR, Replicate are mutually exclusive and cannot be used in the same environment.

Question12: Which of the following sends out Simple Network Management Protocol (SNMP) traps?

Question13: It is impossible to override Master Policy settings for a Platform

Question14: An SNMP integration allows you to forward audit records from the vault to the SIEM.

Question15: Which service should NOT be running on the DR Vault when the primary production Vault is up?

Question16: A Logon Account can be specified in the Master Policy

Question17: Platform settings are applied to _________.

Question18: When managing SSH keys. CPM automatically pushes the Public Key to the target system.

Question19: The vault server uses a modified version of the Microsoft Windows firewall

Question20: One time passwords reduce the risk of Pass the Hash vulnerabilities in Windows.

Question21: What is the purpose of the password verify process?

Question22: Which Master Policy?

Question23: Which is the correct order of installation for PAS components?

Question24: A SIEM integration is a powerful way to correlate Privileged Account Usage with Privileged Account Activity.

Question25: What is the purpose of the Allowed Safes parameter in a CPM policy? Select all that apply.

Question26: Ad-Hoc Access (formerly Secure Connect) provides the following features. (Choose all that apply.)

Question27: Which of the following PTA detections are included in the Core PAS offering? (Choose all that apply.)

Question28: When managing SSH keys, the Central Policy Manager (CPM) stores the private key.

Question29: The Vault can only integrate with a single Security Information and Event Management (SIEM) or SYSLOG server.

Question30: The PSM requires the Remote Desktop Web Access role service.

Question31: What is the name of the Platform parameter that controls how long a password will stay valid when One Time Passwords are enabled via the Master Policy?

Question32: A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?

Question33: When working with the CyberArk Cluster, which service is considered Optional (i.e., failure of the service does not mandate a failover)?

Question34: What is the chief benefit of PSM?

Question35: After the Vault server is installed, the Microsoft Windows firewall is now commandeered by the Vault. Can the administrator change these firewall rules?

Question36: dbparm.ini is the main configuration file for the vault.

Question37: In a Disaster Recovery (DR) environment, which of the following should NEVER be configured for automatic failover due to the possibility of split-brain phenomenon?

Question38: A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.

Question39: When managing SSH keys, CPM automatically pushes the Private Key to all systems that use it.

Question40: When a group is granted the 'Authorize Account Requests' permission on a safe Dual Control requests must be approved by:

Question41: What is the primary purpose of One Time Passwords?

Question42: A vault admin received an email notification that a password verification process has failed Which service sent the message?

Question43: What is the purpose of the CyberArk Event Notification Engine service.

Question44: Which report shows the accounts that are accessible to each user?

Question45: Multiple PVWA servers are always all active.

Question46: What is the purpose of the Interval setting in a CPM policy?

Question47: It is possible to control the hours of the day during which a safe may be used.

Question48: The password upload utility must run from the CPM server.

Question49: Which of these accounts onboarding methods is considered proactive?

Question50: In order to connect to a target device through PSM. the account credentials used for the connection must be stored in the vault?

Question51: How does the Vault administrator configure the CyberArk Disaster Recovery (DR) solution to perform automatic failover in case of failure in the Primary Vault?

Question52: The PSM Gateway (also known as the HTML5 Gateway) can be installed

Question53: PTA can automatically suspend sessions in case of suspicious activities detected in a privileged session, only if the session is made via the CyberArk PSM.

Question54: When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?

Question55: One of your users is receiving the error message "ITATS006E Station is suspended for User jsmith" when attempting to sign in to the pvwa. Which utility would you use to correct this problem?

Question56: CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.

Question57: PSM captures a record of each command that was executed in Unix.

Question58: During ENE integration you should specify the Fully-Qualified Domain Name (FQDN) of the SMTP Gateway server.

Question59: Which file is used to integrate the Vault with your Radius server?

Question60: During the process of installing the Central Policy Manager (CPM), the Vault administrator will be asked to provide the credentials for an administrative user in the Vault. For which purpose are these credentials used?

Question61: CyberArk creates exceptions for Data Execution Prevention (DEP) on selected executable files. This is done as part of installing which of the following components?

Question62: What is the purpose of the CyberArk Event Notification Engine service.

Question63: A Vault Administrator wants to change the PSM Server ID to comply with a naming standard What is the process for changing the PSM Server ID?

Question64: Which file is used to configure the ENE service?

Question65: The System safe allows access to the Vault configuration files.

Question66: What is the PRIMARY reason for installing more than 1 active CPM?

Question67: The Vault Internal safe contains all of the configuration for the vault.

Question68: During LDAP/S integration you should specify the Fully Qualified Domain Name (FQDN) of the Domain Controller

Question69: Which of the following options is not set in the Master Policy?

Question70: CyberArk recommends implementing object level access control on all Safes.

Question71: Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?

Question72: When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.

Question73: Where does the Vault administrator configure in Password Vault Web Access (PVWA) the Fully Qualified Domain Name (FQDN) of the domain controller during LDAP/S integration?

Question74: A Logon Account can be specified in the platform settings

Question75: PSM captures a record of each command that was issues in SQL Plus.

Question76: You are successfully managing passwords in the alpha.cyberark com domain; however when you attempt to manage a password in the beta.cyberark.com domain, you receive the 'network path not found* error What should you check first?

Question77: When is the transparent user provisioned initially in the vault?

Question78: The vault supports Subnet Based Access Control.

Question79: The Vault needs to send SNMP traps to an SNMP solution. In which configuration file do you set the IP address of the SNMP solution?

Question80: CyberArk Logical Container