Weekend Sale Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo
  1. Home
  2. CyberArk
  3. CyberArk CDE Certification
  4. PAM-CDE-RECERT - CyberArk CDE Recertification

CyberArk PAM-CDE-RECERT CyberArk CDE Recertification Exam Practice Test

Page: 1 / 21
Total 207 questions
Get PAM-CDE-RECERT Full Access Download PAM-CDE-RECERT PDF

CyberArk CDE Recertification Questions and Answers

Question 1

The Vault administrator can change the Vault license by uploading the new license to the system Safe.

Options:

A.

True

B.

False

Question 2

How does the Vault administrator apply a new license file?

Options:

A.

Upload the license.xml file to the system Safe and restart the PrivateArk Server service

B.

Upload the license.xml file to the system Safe

C.

Upload the license.xml file to the Vault Internal Safe and restart the PrivateArk Server service

D.

Upload the license.xml file to the Vault Internal Safe

Question 3

PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.

Options:

A.

True

B.

False, the PTA can suspend sessions whether the session is made via the PSM or not

Question 4

You want to generate a license capacity report.

Which tool accomplishes this?

Options:

A.

Password Vault Web Access

B.

PrivateArk Client

C.

DiagnoseDB Report

D.

RestAPI

Question 5

Which PTA sensors are required to detect suspected credential theft?

Options:

A.

Logs, Vault Logs

B.

Logs, Network Sensor, Vault Logs

C.

Logs, PSM Logs, CPM Logs

D.

Logs, Network Sensor, EPM

Question 6

Users who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.

Options:

A.

TRUE

B.

FALSE

Question 7

The Privileged Access Management solution provides an out-of-the-box target platform to manage SSH keys, called UNIX Via SSH Keys.

How are these keys managed?

Options:

A.

CyberArk stores Private keys in the Vault and updates Public keys on target systems.

B.

CyberArk stores Public keys in the Vault and updates Private keys on target systems.

C.

CyberArk does not store Public or Private keys and instead uses a reconcile account to create keys on demand.

D.

CyberArk stores both Private and Public keys and can update target systems with either key.

Question 8

Match the Status of Service on a DR Vault to what is displayed when it is operating normally in Replication mode.

Question # 8

Options:

Question 9

Which CyberArk utility allows you to create lists of Master Policy Settings, owners and safes for output to text files or MSSQL databases?

Options:

A.

Export Vault Data

B.

Export Vault Information

C.

PrivateArk Client

D.

Privileged Threat Analytics

Question 10

Which user is automatically added to all Safes and cannot be removed?

Options:

A.

Auditor

B.

Administrator

C.

Master

D.

Operator

Question 11

Which Cyber Are components or products can be used to discover Windows Services or Scheduled Tasks that use privileged accounts? Select all that apply.

Options:

A.

Discovery and Audit (DMA)

B.

Auto Detection (AD)

C.

Export Vault Data (EVD)

D.

On Demand Privileges Manager (OPM)

E.

Accounts Discovery

Question 12

When managing SSH keys, the CPM stored the Private Key

Options:

A.

In the Vault

B.

On the target server

C.

A & B

D.

Nowhere because the private key can always be generated from the public key.

Question 13

Which of these accounts onboarding methods is considered proactive?

Options:

A.

Accounts Discovery

B.

Detecting accounts with PTA

C.

A Rest API integration with account provisioning software

D.

A DNA scan

Question 14

When creating an onboarding rule, it will be executed upon .

Options:

A.

All accounts in the pending accounts list

B.

Any future accounts discovered by a discovery process

C.

Both “All accounts in the pending accounts list” and “Any future accounts discovered by a discovery process”

Question 15

You are onboarding 5,000 UNIX root accounts for rotation by the CPM. You discover that the CPM is unable to log in directly with the root account and will need to use a secondary account.

How should this be configured to allow for password management using least privilege?

Options:

A.

Configure each CPM to use the correct logon account.

B.

Configure each CPM to use the correct reconcile account.

C.

Configure the UNIX platform to use the correct logon account.

D.

Configure the UNIX platform to use the correct reconcile account.

Question 16

You need to enable the PSM for all platforms.

Where do you perform this task?

Options:

A.

Platform Management > (Platform) > UI & Workflows

B.

Master Policy > Session Management

C.

Master Policy > Privileged Access Workflows

D.

Administration > Options > Connection Components

Question 17

Which command configures email alerts within PTA if settings need to be changed post install?

Options:

A.

/opt/tomcat/utility/emailConfiguration.sh

B.

/opt/PTA/emailConfiguration.sh

C.

/opt/PTA/utility/emailConfig.sh

D.

/opt/tomcat/utility/emailSetup.sh

Question 18

The vault supports Role Based Access Control.

Options:

A.

TRUE

B.

FALSE

Question 19

Which is the primary purpose of exclusive accounts?

Options:

A.

Reduced risk of credential theft

B.

More frequent password changes

C.

Non-repudiation (individual accountability)

D.

To force a ‘collusion to commit’ fraud ensuring no single actor may use a password without authorization

Question 20

Via Password Vault Web Access (PVWA), a user initiates a PSM connection to the target Linux machine using RemoteApp. When the client’s machine makes an RDP connection to the PSM server, which user will be utilized?

Options:

A.

Credentials stored in the Vault for the target machine

B.

Shadowuser

C.

PSMConnect

D.

PSMAdminConnect

Question 21

You have been asked to design the number of PVWAs a customer must deploy. The customer has three data centers with a distributed vault in each, requires high availability, and wants to use all vaults, at all times. How many PVWAs does the customer need?

Options:

A.

six

B.

four

C.

two

D.

three

Question 22

You have been asked to identify the up or down status of Vault services.

Which CyberArk utility can you use to accomplish this task?

Options:

A.

Vault Replicator

B.

PAS Reporter

C.

Remote Control Agent

D.

Syslog

Question 23

CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.

Options:

A.

TRUE

B.

FALSE

Question 24

Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

Options:

A.

Require dual control password access Approval

B.

Enforce check-in/check-out exclusive access

C.

Enforce one-time password access

D.

Enforce check-in/check-out exclusive access & Enforce one-time password access

Question 25

A Vault administrator have associated a logon account to one of their Unix root accounts in the vault. When attempting to verify the root account’s password the Central Policy Manager (CPM) will:

Options:

A.

ignore the logon account and attempt to log in as root

B.

prompt the end user with a dialog box asking for the login account to use

C.

log in first with the logon account, then run the SU command to log in as root using the password in the Vault

D.

none of these

Question 26

Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)

Options:

A.

The PSM software must be instated on the target server

B.

PSM must be enabled in the Master Policy (either directly, or through exception)

C.

PSMConnect must be added as a local user on the target server

D.

RDP must be enabled on the target server

Question 27

A user has successfully conducted a short PSM session and logged off. However, the user cannot access the Monitoring tab to view the recordings.

What is the issue?

Options:

A.

The user must login as PSMAdminConnect

B.

The PSM service is not running

C.

The user is not a member of the PVWAMonitor group

D.

The user is not a member of the Auditors group

Question 28

What is the easiest way to duplicate an existing platform?

Options:

A.

From PrivateArk, copy/paste the appropriate Policy.ini file: then rename it.

B.

from the PVWA, navigate to the platforms page, select the existing platform that is similar to the new target account platform and click Duplicate, name the new platform.

C.

From PrivateArk, cop/paste the appropriate setting in the PVConfiguration.xml then update the policName variable.

D.

From the PVWA, navigate to the platforms page, select existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" instead of save to duplicate and rename the platform.

Question 29

When onboarding multiple accounts from the Pending Accounts list, which associated setting must be the same across the selected accounts?

Options:

A.

Platform

B.

Connection Component

C.

CPM

D.

Vault

Question 30

As vault Admin you have been asked to configure LDAP authentication for your organization's CyberArk users. Which permissions do you need to complete this task?

Options:

A.

Audit Users and Add Network Areas

B.

Audit Users and Manage Directory Mapping

C.

Audit Users and Add/Update Users

D.

Audit Users and Activate Users

Question 31

You are logging into CyberArk as the Master user to recover an orphaned safe.

Which items are required to log in as Master?

Options:

A.

Master CD, Master Password, console access to the Vault server, Private Ark Client

B.

Operator CD, Master Password, console access to the PVWA server, PVWA access

C.

Operator CD, Master Password, console access to the Vault server, Recover.exe

D.

Master CD, Master Password, console access to the PVWA server, Recover.exe

Load More PAM-CDE-RECERT Questions 
Page: 1 / 21
Total 207 questions
Get PAM-CDE-RECERT Full Access Download PAM-CDE-RECERT PDF