CAU201 Online Practice Questions and Answers

DRAG DROP

Match each component to its respective Log File location.

Select and Place:

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers. The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.

Which safe permissions do you need to grant to OperationsStaff? Check all that apply.

A. Use Accounts

B. Retrieve Accounts

C. List Accounts

D. Authorize Password Requests

E. Access Safe without Authorization

When on-boarding account using Accounts Feed, which of the following is true?

A. You must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.

B. You can specify the name of a new safe that will be created where the account will be stored when it is on-boarded to the Vault.

C. You can specify the name of a new Platform that will be created and associated with the account.

D. Any account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.

Platform settings are applied to______________.

A. The entire vault.

B. Network Areas

C. Safes

D. Individual Accounts

Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

A. Require dual control password access Approval

B. Enforce check-in/check-out exclusive access

C. Enforce one-time password access

D. Enforce check-in/check-out exclusive access and Enforce one-time password access

Which user is automatically added to all Safes and cannot be removed?

A. Auditor

B. Administrator

C. Master

D. Operator

You are creating a Dual Control workflow for a team's safe. Which safe permissions must you grant to the Approvers group?

A. List accounts, Authorize account request

B. Retrieve accounts, Access Safe without confirmation

C. Retrieve accounts, Authorize account request

D. List accounts, Unlock accounts

You are creating a shared safe for the help desk.

What must be considered regarding the naming convention?

A. Ensure your naming convention is no longer than 20 characters.

B. Combine environments, owners and platforms to minimize the total number of safes created.

C. Safe owners should determine the safe name to enable them to easily remember it.

D. The use of these characters V:*<>".| is not allowed.

A new HTML5 Gateway has been deployed in your organization. Where do you configure the PSM to use the HTML5 Gateway?

A. Administration > Options > Privileged Session Management > Configured PSM Servers > Connection Details > Add PSM Gateway

B. Administration > Options > Privileged Session Management > Add Configured PSM Gateway Servers

C. Administration > Options > Privileged Session Management > Configured PSM Servers > Add PSM Gateway

D. Administration > Options > Privileged Session Management > Configured PSM Servers > Connection Details

You are onboarding 5,000 UNIX root accounts for rotation by the CPM. You discover that the CPM is unable to log in directly with the root account and will need to use a secondary account. How should this be configured to allow for password management using least privilege?

A. Configure each CPM to use the correct logon account.

B. Configure each CPM to use the correct reconcile account.

C. Configure the UNIX platform to use the correct logon account.

D. Configure the UNIX platform to use the correct reconcile account.