PAM-CDE-RECERT Online Practice Questions and Answers

You receive this error:

"Error in changepass to user domain\user on domain server(\domain.(winRc=5) Access is denied."

Which root cause should you investigate?

A. The account does not have sufficient permissions to change its own password.

B. The domain controller is unreachable.

C. The password has been changed recently and minimum password age is preventing the change.

D. The CPM service is disabled and will need to be restarted.

You have been asked to design the number of PVWAs a customer must deploy. The customer has three data centers with a distributed vault in each, requires high availability, and wants to use all vaults, at all times. How many PVWAs does the customer need?

A. six

B. four

C. two

D. three

Accounts Discovery allows secure connections to domain controllers.

A. TRUE

B. FALSE

Assuming a safe has been configured to be accessible during certain hours of the day, a Vault Admin may still access that safe outside of those hours.

A. TRUE

B. FALSE

When on-boarding account using Accounts Feed, Which of the following is true?

A. You must specify an existing Safe where are account will be stored when it is on boarded to the Vault

B. You can specify the name of a new sale that will be created where the account will be stored when it is on-boarded to the Vault.

C. You can specify the name of a new Platform that will be created and associated with the account

D. Any account that is on boarded can be automatically reconciled regardless of the platform it is associated with.

What is the purpose of the Immediate Interval setting in a CPM policy?

A. To control how often the CPM looks for System Initiated CPM work.

B. To control how often the CPM looks for User Initiated CPM work.

C. To control how often the CPM rests between password changes.

D. To Control the maximum amount of time the CPM will wait for a password change to complete.

A Vault Administrator team member can log in to CyberArk, but for some reason, is not given Vault Admin rights. Where can you check to verify that the Vault Admins directory mapping points to the correct AD group?

A. PVWA > User Provisioning > LDAP Integration > Mapping Criteria

B. PVWA > User Provisioning > LDAP Integration > Map Name

C. PVWA > Administration > LDAP Integration > Mappings

D. PVWA > Administration > LDAP Integration > AD Groups

Which of the following PTA detections are included in the Core PAS offering?

A. Suspected Credential Theft

B. Over-Pass-The Hash

C. Golden Ticket

D. Unmanaged Privileged Access

You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to [b]change [/b] the root account's password the CPM will.....

A. Log in to the system as root, then change root's password

B. Log in to the system as the logon account, then change roofs password

C. Log in to the system as the logon account, run the su command to log in as root, and then change root's password.

D. None of these

DRAG DROP

For each listed prerequisite, identify if it is mandatory or not mandatory to run the PSM Health Check.

Select and Place: