[Nov 21, 2021] CAU302 Exam Dumps - CyberArk Practice Test Questions
New Real CAU302 Exam Dumps Questions
Certification Path
There is no prerequisite for this exam. Completing this exam will give you CyberArk Defender + Sentry certified status.
NEW QUESTION 65
When the PSM Gateway (also known as the HTML5 Gateway) is implemented, users must have an RDP client, such as MSTSC, installed on their endpoint in order to launch connections via the PSM.
- A. True
- B. False. When the PSM Gateway is implemented, the user only requires a browser in order launch a connection via the PSM.
Answer: A
NEW QUESTION 66
Which one of the built-in Vault users is not automatically added to the safe when it is first created in PVWA?
- A. Administrator
- B. Master
- C. Operator
- D. Auditor
Answer: A
NEW QUESTION 67
It is possible to control the hours of the day during which a safe may be used.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 68
A SIEM integration allows you to forward ITALOG records to a monitoring solution.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 69
Via Password Vault Web Access (PVWA), a user initiates a PSM connection to the target Linux machine using RemoteApp. When the client's machine makes an RDP connection to the PSM server, which user will be utilized?
- A. PSMAdminConnect
- B. Credentials stored in the Vault for the target machine
- C. PSMConnect
- D. Shadowuser
Answer: C
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/MESSAGES/RDP%
20file%20and%20RemoteApp%20connections.htm
NEW QUESTION 70
The Vault administrator can change the Vault license by uploading the new license to the system Safe.
- A. True
- B. False
Answer: A
NEW QUESTION 71
The vault does not support Role Based Access Control
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 72
In a Disaster Recovery (DR) environment, which of the following should NEVER be configured for automatic failover due to the possibility of split-brain phenomenon?
- A. PTA
- B. Password Vault Web Access (PVWA)
- C. PSM
- D. CPM
Answer: A
NEW QUESTION 73
Ad-Hoc Access (formerly Secure Connect) provides the following features. (Choose all that apply.)
- A. Session Recording
- B. Real-time live session monitoring
- C. PSM connections from a terminal without the need to login to the PVWA
- D. PSM connections to target devices that are not managed by CyberArk
Answer: A,B,D
NEW QUESTION 74
The vault supports a number of dual factor authentication methods.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 75
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe The members of the AD group UnixAdmms need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation The members of the AD group OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.
Which safe permissions do you need to grant to UnixAdmins? Check all that apply
- A. Use Accounts
- B. Access Safe without Authorization
- C. List Accounts
- D. Retrieve Accounts
- E. Authorize Password Requests
Answer: A,B,C,D
NEW QUESTION 76
Multiple PSM Servers can be load balanced.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 77
Match the log file name with the CyberArk Component that generates the log.
Answer:
Explanation:
NEW QUESTION 78
Which utilities could you use to change debugging levels on the vault without having to restart the vault?
- A. PAR Agent
- B. PrivateArk Server Central Administration
- C. Setup.exe
- D. Edit DBParmi.ini in a text editor.
Answer: A
NEW QUESTION 79
What conditions must be met in order to log into the vault as the Master user? Select all that apply.
- A. Logon must be originated from the console of the Vault server or an EmergencyStation defined in DBParm.ini
- B. Logon requires the Recovery Private Key to be accessible to the vault.
- C. Logon must satisfy a challenge response request.
- D. User must provide the correct master password.
Answer: A,D
NEW QUESTION 80
Which of the following options is not set in the Master Policy?
- A. Password Expiration Time
- B. Password Complexity
- C. Enabling and Disabling of the Connection Through the PSM
- D. The use of "One-Time Passwords"
Answer: B
NEW QUESTION 81
What is the purpose of the password verify process?
- A. To change the password of an account according to organizationally defined password rules.
- B. To test that CyberArk is storing accurate credentials for accounts.
- C. To allow CyberArk to manage unknown or lost credentials.
- D. To generate a new complex password.
Answer: B
Explanation:
Reference:
%20user.
NEW QUESTION 82
When managing SSH keys. CPM automatically pushes the Public Key to the target system.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION 83
What is the proper way to allow the Vault to resolve host names?
- A. Defining the local hosts file
- B. Define a DNS server
- C. Define a WINS server
- D. The Vault cannot resolve host names due to security standards
Answer: A
NEW QUESTION 84
Which user(s) can access all passwords in the vault
- A. Any member of Auditors
- B. Any member of Vault Admins
- C. Administrator
- D. Master
Answer: D
NEW QUESTION 85
A Vault Administrator wants to change the PSM Server ID to comply with a naming standard What is the processfor changing the PSM Server ID?
- A. First, logon to the PrivateArk Client as Administrator and open the PVWAConfig safe. Retrieve and edit the PVConfiguration.xml file. Search for the PSMServer Name and update the ID of the server you want to rename Save the file and copy back to the PVWAConfig safe. Restart the "CyberArk Privileged Session Manager" service on the PSM server.
- B. First, login to the PVWA. browse to Administration. System Configuration. Options. Pnvileged Session Management. Configured PSM Servers and select the PSM Server you need to change from the list of servers In the properties pane, set the value of the ID property to the new Server ID. click Apply and OK. Next, edit the basic_psm.ini file located on the PSM server in the PSM root directory and update the PSMServerlD parameter with the new Server ID. save the file and restart the "CyberArk Privileged Session Manager" service on the PSM server
- C. Options A and B above is the correct procedure
- D. Login to the PVWA. then change the PSMServer ID in Administration. System Configuration. Options, Privileged Session Management. Configured PSM Servers Run an IISRESET on all PVWA servers.
Answer: D
NEW QUESTION 86
After the Vault administrator configures syslog integration on the Vault, the Vault will be able to .
- A. forward audit records to Security Information and Event Management (SIEM).
- B. forward emails to SIEM.
- C. send out Simple Network Management Protocol (SNMP) traps.
- D. forward ITALOG records to Security Information and Event Management (SIEM).
Answer: A
NEW QUESTION 87
When managing SSH keys, the Central Policy Manager (CPM) stores the private key __________.
- A. nowhere because the private key can always be generated from the public key
- B. in the Vault and on the target server
- C. on the target server
- D. in the Vault
Answer: D
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SSHKM/Managing%
20SSH%20Keys.htm
NEW QUESTION 88
What is the purpose of the Interval setting in a CPM policy?
- A. To control how long the CPM rests between password changes
- B. To control how often the CPM looks for System Initiated CPM work
- C. To control the maximum amount of time the CPM will wait for a password change to complete
- D. To control how often the CPM looks for User Initiated CPM work.
Answer: B
NEW QUESTION 89
......
Pass Your CAU302 Exam Easily with Accurate PDF Questions: https://guidetorrent.dumpstorrent.com/CAU302-exam-prep.html