EMT Practice Test

1. Question Content...


Question List

Question1: A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.

Question2: For each listed prerequisite, identify if it is mandatory or not mandatory to run the PSM Health Check.

Question3: You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to
[b]change [/b] the root account's password the CPM will.....

Question4: Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)

Question5: SAFE Authorizations may be granted to____________.
Select all that apply.

Question6: Arrange the steps to restore a Vault using PARestore for a Backup in the correct sequence.

Question7: When running a "Privileged Accounts Inventory" Report through the Reports page in PVWA on a specific safe, which permission/s are required on that safe to show complete account inventory information?

Question8: If the AccountUploader Utility is used to create accounts with SSH keys, which parameter do you use to set the full or relative path of the SSH private key file that will be attached to the account?

Question9: PSM for Windows (previously known as "RDP Proxy") supports connections to the following target systems

Question10: Your organization has a requirement to allow users to "check out passwords" and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?

Question11: What is the purpose of the CyberArk Event Notification Engine service?

Question12: Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be changed.

Question13: Match the log file name with the CyberArk Component that generates the log.

Question14: What is the chief benefit of PSM?

Question15: You need to enable the PSM for all platforms.
Where do you perform this task?

Question16: Which values are acceptable in the address field of an Account?

Question17: You are creating a Dual Control workflow for a team's safe.
Which safe permissions must you grant to the Approvers group?

Question18: What is the purpose of the Immediate Interval setting in a CPM policy?

Question19: As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.

Question20: For Digital Vault Cluster in a high availability configuration, how does the cluster determine if a node is down?

Question21: dbparm.ini is the main configuration file for the Vault.

Question22: It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur

Question23: Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

Question24: Within the Vault each password is encrypted by:

Question25: Which of the following logs contains information about errors related to PTA?

Question26: In a default CyberArk installation, which group must a user be a member of to view the "reports" page in PVWA?

Question27: A Vault Administrator team member can log in to CyberArk, but for some reason, is not given Vault Admin rights.
Where can you check to verify that the Vault Admins directory mapping points to the correct AD group?

Question28: In PVWA, you are attempting to play a recording made of a session by user jsmith, but there is no option to "Fast Forward" within the video. It plays and only allows you to skip between commands instead. You are also unable to download the video.
What could be the cause?

Question29: Which utilities could you use to change debugging levels on the vault without having to restart the vault.
Select all that apply.

Question30: What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?

Question31: Which item is an option for PSM recording customization?

Question32: What is the easiest way to duplicate an existing platform?

Question33: In the Private Ark client, how do you add an LDAP group to a CyberArk group?

Question34: You have been asked to secure a set of shared accounts in CyberArk whose passwords will need to be used by end users. The account owner wants to be able to track who was using an account at any given moment.
Which security configuration should you recommend?

Question35: When managing SSH keys, the CPM stores the Public Key

Question36: One can create exceptions to the Master Policy based on ____________________.

Question37: Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.

Question38: You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.
Where do you update this permission for all auditors?

Question39: When creating an onboarding rule, it will be executed upon .

Question40: Match each permission to where it can be found.

Question41: Ad-Hoc Access (formerly Secure Connect) provides the following features. Choose all that apply.

Question42: Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

Question43: Match each PTA alert category with the PTA sensors that collect the data for it.

Question44: Customers who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.

Question45: Match the connection component to the corresponding OS/Function.

Question46: Which option in the Private Ark client is used to update users' Vault group memberships?

Question47: Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?

Question48: Which of the following components can be used to create a tape backup of the Vault?

Question49: Which combination of Safe member permissions will allow end users to log in to a remote machine transparently but NOT show or copy the password?

Question50: tsparm.ini is the main configuration file for the Vault.

Question51: In your organization the "click to connect" button is not active by default.
How can this feature be activated?

Question52: What is the purpose of the Interval setting in a CPM policy?

Question53: Which statement is correct concerning accounts that are discovered, but cannot be added to the Vault by an automated onboarding rule?

Question54: In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

Question55: Which is the primary purpose of exclusive accounts?

Question56: Your organization requires all passwords be rotated every 90 days.
Where can you set this regulatory requirement?

Question57: It is possible to control the hours of the day during which a user may log into the vault.

Question58: In a rule using "Privileged Session Analysis and Response" in PTA, which session options are available to configure as responses to activities?