EMT Practice Test

1. Question Content...


Question List

Question1: When on-boarding accounts using Accounts Feed. Which of the following is true"?

Question2: You have associated a logon account to one of your UNIX root accounts in the vault When attempting to verify the root account's password the CPM will...

Question3: What is the purpose of the CyberArk Event Notification Engine service.

Question4: For the hardening process to complete successfully, security products like Antivirus should be installed on the Vault server before running the vault installer

Question5: When is the transparent user provisioned initially in the vault?

Question6: Which of the following sends out Simple Network Management Protocol (SNMP) traps?

Question7: The vault does not support Subnet Based Access Control.

Question8: Which is the correct order of installation for PAS components?

Question9: When managing SSH keys, the Central Policy Manager (CPM) stores the private key .

Question10: Which file does the Vault administrator need to edit in order to configure the integration of the Vault with the radius server?

Question11: Accounts Discovery allows secure connections to domain controllers.

Question12: It is possible to disable the Show and Copy buttons without removing the Retrieve permission on a safe.

Question13: In a Distributed Vaults environment, which of the following components will NOT be communicating with the Satellite Vaults?

Question14: Select the best practice for storing the Master CD.

Question15: In an SMTP integration it is recommended to use the fully-qualified domain name (FQDN) when specifying the SMTP server addresses).

Question16: What is the process to remove object level access control from a Safe?

Question17: The Vault Internal safe contains the configuration for an LDAP integration.

Question18: Which IP port and Protocol are used by the CyberArk Secure Proprietary Protocol?

Question19: Which file is used to configure new firewall rules on the Vault?

Question20: dbparm.ini is the main configuration file for the vault.

Question21: A safe was recently created by a user who is a member of the LDAP Vault Administrators group. Which of the following users does not have access to the newly created safe by default?

Question22: How does the Vault administrator apply a new license file?

Question23: When working with the CyberArk Cluster, the Virtual IP is used by:

Question24: The Vault administrator can change the Vault license by uploading the new license to the system Safe.

Question25: The vault server uses a modified version of the Microsoft Windows firewall

Question26: Which service should NOT be running on the DR Vault when the primary production Vault is up?

Question27: CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.

Question28: One of your users is receiving the error message "ITATS006E Station is suspended for User jsmith" when attempting to sign in to the pvwa. Which utility would you use to correct this problem?

Question29: Which of these accounts onboarding methods is considered proactive?

Question30: Match the log file name with the CyberArk Component that generates the log.

Question31: In an SIEM integration it is recommended to use the fully-qualified domain name (FGDN) when specifying the SIEM server address(es).

Question32: The DR module allows an integration with Enterprise Backup software

Question33: Which keys are required to be present in order to start the PrivateArk Server Service? Select all that apply.

Question34: Any user can monitor live sessions in real time when users initiate RDP connection via Secure Connect through PSM?

Question35: The PSM requires the Remote Desktop Web Access role service.

Question36: What values are acceptable in the address field on the Accounts Details.

Question37: How does the Vault administrator configure the CyberArk Disaster Recovery (DR) solution to perform automatic failover in case of failure in the Primary Vault?

Question38: Multiple Vault Servers can be load balanced.

Question39: During the process of installing the CPM, you will be asked to provide the credentials for an administrate user in the Vault. What are these credentials used for?

Question40: Which combination of safe member permissions will allow End Users to log in to a remote machine transparently but NOT show or copy the password?

Question41: As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.

Question42: The vault does not support Role Based Access Control

Question43: What is the primary purpose of Dual Control?

Question44: Name two ways of viewing the ITAlog:

Question45: Can ITALOG records be forwarded to the monitoring solution via Security Information and Event Management (SIEM) integration?

Question46: A SIEM integration is a powerful way to correlate Privileged Account Usage with Privileged Account Activity.

Question47: Customers who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.

Question48: The Application Inventory report is related to AIM.

Question49: It is impossible to override Master Policy settings for a Platform

Question50: Which of the following is considered a prerequiste for installing PSM?

Question51: Which Master Policy Setting(s) must be active in order to have an account checked-out by one user for a predetermined amount of time?

Question52: In order to connect to a target device through PSM. the account credentials used for the connection must be stored in the vault?

Question53: A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to forward ITALOG records to a monitoring solution.

Question54: Which utilities could you use to change debugging levels on the vault without having to restart the vault Select all that apply.

Question55: If a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?

Question56: Which user(s) can access all passwords in the vault

Question57: A vault admin received an email notification that a password verification process has failed Which service sent the message?

Question58: A Reconcile Account can be specified in the Master Policy.

Question59: In version 10.7 the correct order of installation for components changed. Make the necessary corrections to the list below to show the new installation order.
Select and Place:

Question60: Within the Vault each password is encrypted by

Question61: Which credentials does CyberArk use when managing a target account?

Question62: PSM captures a record of each command that was issues in SQL Plus.

Question63: When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?

Question64: PSM requires the Remote Desktop Gateway role service.

Question65: CyberArk recommends implementing object level access control on all Safes.

Question66: Which file is used to integrate the Vault with your Radius server?

Question67: In the vault each password is encrypted with a unique encryption key.

Question68: Which CyberArk components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts'? Select all that apply.

Question69: Which report could show all accounts that are past their expiration dates?

Question70: The PSM Gateway (also known as the HTML5 Gateway) can be installed

Question71: Which is the purpose of the HeadStartInterval setting in a platform?

Question72: Multiple PVWA servers provide automatic load balancing.

Question73: During the process of installing the Central Policy Manager (CPM), the Vault administrator will be asked to provide the credentials for an administrative user in the Vault. For which purpose are these credentials used?

Question74: After the Vault administrator configures syslog integration on the Vault, the Vault will be able to .

Question75: What is the purpose of the PrivateArk Server service?

Question76: The Vault Internal safe contains all of the configuration for the vault.

Question77: Which of the following are secure options for storing the contents of the Operator CD. while still allowing the contents to be accessible upon a planned Vault restart? Choose alt that apply

Question78: Which user is automatically given all Safe authorizations on all Safes?

Question79: When managing SSH keys, the CPM stores the Public Key ________________.