CyberArk.CAU302.v2021-06-15.

q80

Exam Code: CAU302

Exam Name: CyberArk Defender + Sentry
Certification Provider: CyberArk
Free Question Number: 80
Version: v2021-06-15
# of views: 764
# of Questions views: 20989
https://www.freecram.com/torrent/CyberArk.CAU302.v2021-06-15.q80.html

NEW QUESTION: 1
The Application Inventory report is related to AIM.
A. FALSE
B. TRUE
Answer: B (LEAVE A REPLY)

NEW QUESTION: 2
How does the Vault administrator apply a new license file?
A. Upload the license.xml file to the Vault Internal Safe and restart the PrivateArk Server service.
B. Upload the license.xml file to the system Safe and restart the PrivateArk Server service.
C. Upload the license.xml file to the Vault Internal Safe.
D. Upload the license.xml file to the system Safe.
Answer: (SHOW ANSWER)

NEW QUESTION: 3
Match the log file name with the CyberArk Component that generates the log.

Answer:
NEW QUESTION: 4
Which is the correct order of installation for PAS components?
A. Vault, CPM. PSM, PVWA
B. CPM, Vault. PSM. PVWA
C. PVWA, Vault, CPM. PSM
D. Vault. CPM. PVWA. PSM
Answer: D (LEAVE A REPLY)

NEW QUESTION: 5
The vault server uses a modified version of the Microsoft Windows firewall
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)

NEW QUESTION: 6
The vault does not support Role Based Access Control
A. TRUE
B. FALSE
Answer: B (LEAVE A REPLY)

NEW QUESTION: 7
One of your users is receiving the error message "ITATS006E Station is suspended for User
jsmith" when attempting to sign in to the pvw a. Which utility would you use to correct this
problem?
A. createcredfile.exe
B. cavaultmanager.exe
C. PVWA
D. PrivateArk
Answer: D (LEAVE A REPLY)

NEW QUESTION: 8
Within the Vault each password is encrypted by
A. The Recovery Private key
B. Its own unique key.
C. The Recovery Public Key
D. The Server Key
Answer: B (LEAVE A REPLY)

NEW QUESTION: 9
Which of the following are secure options for storing the contents of the Operator CD. while still
allowing the contents to be accessible upon a planned Vault restart? Choose alt that apply
A. Store the CD in a physical safe and mount the CD every time vault maintenance is performed.
B. Store the server key in the Provider cache
C. Copy the contents of the CD to the System Safe on the vault
D. Copy the contents of the CD to a folder on the vault server and secure it with NTFS
permissions.
E. Store the server key in a Hardware Security Module.
Answer: A,D,E (LEAVE A REPLY)

NEW QUESTION: 10
Which CyberArk components or products can be used to discover Windows Services or
Scheduled Tasks that use privileged accounts'? Select all that apply.
A. Accounts Discovery
B. Export Vault Data (EVD)
C. Auto Detection (AD)
D. Discovery and Audit (DNA)
E. On Demand Privileges Manager (OPM)
Answer: A,B,E (LEAVE A REPLY)

NEW QUESTION: 11
A vault admin received an email notification that a password verification process has failed Which
service sent the message?
A. The PrivateArk Server Service on the Vault.
B. The CyberArk Password Manager service on the Components Server.
C. The CyberArk Event Notification Engine Service on the Vault
D. The CyberArk Privileged Session Manager service on the Vault.
Answer: (SHOW ANSWER)

NEW QUESTION: 12
PSM captures a record of each command that was issues in SQL Plus.
A. FALSE
B. TRUE
Answer: (SHOW ANSWER)
NEW QUESTION: 13
Customers who have the 'Access Safe without confirmation' safe permission on a safe where
accounts are configured for Dual control, still need to request approval to use the account.
A. TRUE
B. FALSE
Answer: B (LEAVE A REPLY)

NEW QUESTION: 14
Which service should NOT be running on the DR Vault when the primary production Vault is up?
A. PrivateArk Database
B. CyberArk Logical Container
C. CyberArk Vault Disaster Recovery Service
D. PrivateArk Server
Answer: (SHOW ANSWER)

NEW QUESTION: 15
In version 10.7 the correct order of installation for components changed. Make the necessary
corrections to the list below to show the new installation order.
Select and Place:

Answer:
NEW QUESTION: 16
It is impossible to override Master Policy settings for a Platform
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)

Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 17
Which credentials does CyberArk use when managing a target account?
A. Those of the service account for the CyberArk Password Manager
serviceD18912E1457D5D1DDCBD40AB3BF70D5D
B. An account assigned by the Master Policy
C. The credentials of the target account
D. A Domain Administrator account created for this purpose
Answer: (SHOW ANSWER)

NEW QUESTION: 18
In the vault each password is encrypted with a unique encryption key.
A. TRUE
B. FALSE
Answer: A (LEAVE A REPLY)
NEW QUESTION: 19
What is the purpose of the PrivateArk Server service?
A. Executes password changes.
B. Sends email alert from the Vault
C. Makes vault data accessible to components.
D. Maintains vault metadata.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 20
In an SMTP integration it is recommended to use the fully-qualified domain name (FQDN) when
specifying the SMTP server addresses).
A. TRUE
B. FALSE
Answer: B (LEAVE A REPLY)

NEW QUESTION: 21
The PSM requires the Remote Desktop Web Access role service.
A. True
B. False
Answer: B (LEAVE A REPLY)

NEW QUESTION: 22
You have associated a logon account to one of your UNIX root accounts in the vault When
attempting to verify the root account's password the CPM will...
A. Log in first with the logon account, then run the su command to log in as root using the
password in the vault
B. None of these.
C. Prompt the end user with a dialog box asking for the login account to use.
D. Ignore the logon account and attempt to log in as root.
Answer: (SHOW ANSWER)

NEW QUESTION: 23
What is the purpose of the CyberArk Event Notification Engine service.
A. It makes vault data available to components.
B. It sends email messages from the Vault.
C. It processes audit report messages
D. It sends email messages from the CPM
Answer: B (LEAVE A REPLY)

NEW QUESTION: 24
Can ITALOG records be forwarded to the monitoring solution via Security Information and Event
Management (SIEM) integration?
A. No
B. Yes
Answer: (SHOW ANSWER)

NEW QUESTION: 25
Which of the following sends out Simple Network Management Protocol (SNMP) traps?
A. CyberArk Event Notification Engine
B. CyberArk SNMP agent
C. PrivateArk Server
D. PrivateArk Remote Control Agent
Answer: D (LEAVE A REPLY)

NEW QUESTION: 26
The Vault Internal safe contains the configuration for an LDAP integration
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)

NEW QUESTION: 27
The PSM Gateway (also known as the HTML5 Gateway) can be installed
A. False, the PSM Gateway must be installed on a separate Windows machine
B. True
Answer: B (LEAVE A REPLY)

NEW QUESTION: 28
A SIEM integration is a powerful way to correlate Privileged Account Usage with Privileged
Account Activity.
A. TRUE
B. FALSE
Answer: A (LEAVE A REPLY)

NEW QUESTION: 29
Which utilities could you use to change debugging levels on the vault without having to restart the
vault Select all that apply.
A. PAR Agent
B. PrivateArk Server Central Administration
C. Edit DBParm.ini in a text editor.
D. Setup exe
Answer: A,B (LEAVE A REPLY)
NEW QUESTION: 30
Which of these accounts onboarding methods is considered proactive?
A. A DNA scan
B. Detecting accounts with PTA
C. Accounts Discovery
D. A Rest API integration with account provisioning software
Answer: B (LEAVE A REPLY)

NEW QUESTION: 31
In order to connect to a target device through PSM. the account credentials used for the
connection must be stored in the vault?
A. True
B. False. Because the user can also enter credentials manually using Secure Connect
C. False. Because if credentials are not stored in the vault, the PSM will log into the target device
as PSMConnect.
D. False Because if credentials are not stored in the vault, the PSM will prompt for credentials
The PSM enables users to connect securely to remote machines through the PSM from their own
workstations using all types of accounts, including accounts that are not managed in the
CyberArk Vault.
Answer: B (LEAVE A REPLY)

Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 32
Which user(s) can access all passwords in the vault
A. Any member of Auditors
B. Administrator
C. Master
D. Any member of Vault Admins
Answer: (SHOW ANSWER)

NEW QUESTION: 33
What is the primary purpose of Dual Control?
A. To force a 'collusion to commit' fraud ensuring no single actor may use a password without
authorization
B. Non-repudiation (individual accountability)
C. Reduced risk of credential theft
D. More frequent password changes
Answer: A (LEAVE A REPLY)

NEW QUESTION: 34
When on-boarding accounts using Accounts Feed. Which of the following is true"?
A. You must specify an existing Safe where the account will be stored when it is on-boarded to
the Vault.
B. Any account that is on-boarded can be automatically reconciled regardless of the platform it is
associated with
C. You can specify the name of a new safe that will be created where the account will be stored
when it is on-boarded to the Vault.
D. You can specify the name of a new Platform that will be created and associated with the
account.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 35
A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to
forward ITALOG records to a monitoring solution.
A. False
B. True
Answer: A (LEAVE A REPLY)

NEW QUESTION: 36
A Reconcile Account can be specified in the Master Policy.
A. FALSE
B. TRUE
Answer: A (LEAVE A REPLY)

NEW QUESTION: 37
For the hardening process to complete successfully, security products like Antivirus should be
installed on the Vault server before running the vault installer
A. TRUE
B. FALSE
Answer: A (LEAVE A REPLY)

NEW QUESTION: 38
During the process of installing the Central Policy Manager (CPM), the Vault administrator will be
asked to provide the credentials for an administrative user in the Vault. For which purpose are
these credentials used?
A. The credentials are used by the installer to register the CPM in the CyberArk database.
B. The credentials are used by the installer to authenticate to the Vault and create the Central
Policy Manager (CPM) environment (Safes, users, etc.).
C. The credentials will be used later by the CPM to update passwords in the Vault.
D. The credentials will be used later by the CPM to retrieve passwords from the Vault.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 39
Which file is used to configure new firewall rules on the Vault?
A. dbparm.ini
B. padr.ini
C. paragent.ini
D. firewall.ini
Answer: A (LEAVE A REPLY)

NEW QUESTION: 40
Which is the purpose of the HeadStartInterval setting in a platform?
A. It instructs the AIM provider to 'skip the cache' during the defined time period.
B. It instructs the CPM to initiate the password change process certain number of days before
expiration.
C. It alerts users of upcoming password changes a certain number of days before expiration.
D. It determines how far in advance audit data is collected for reports.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 41
What is the process to remove object level access control from a Safe?
A. Uncheck the 'Enable Object Level Access Control' box in the Safe Properties in PrivateArk.
B. Remove all ACLs from the Safe.
C. This cannot be done.
D. Uncheck the 'Enable Object Level Access Control' on the Safe Details page in the PVWA.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 42
In an SIEM integration it is recommended to use the fully-qualified domain name (FGDN) when
specifying the SIEM server address(es).
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)
NEW QUESTION: 43
Which combination of safe member permissions will allow End Users to log in to a remote
machine transparently but NOT show or copy the password?
A. List Accounts, Retrieve Accounts
B. Use Accounts, List Accounts
C. Use Accounts
D. Use Accounts, Retrieve Accounts, List Accounts
Answer: A (LEAVE A REPLY)

NEW QUESTION: 44
dbparm.ini is the main configuration file for the vault.
A. FALSE
B. TRUE
Answer: (SHOW ANSWER)

NEW QUESTION: 45
During the process of installing the CPM, you will be asked to provide the credentials for an
administrate user in the Vault. What are these credentials used for?
A. The credentials are used by the installer to authenticate to the Vault and create the CPM
environment (safes, users, etc.)
B. The credentials will be used later by the CPM to retrieve passwords from the Vault
C. The credentials will be used later by the CPM to update passwords in the Vault
D. The credentials are by the installer to register the CPM in the CyberArk database
Answer: A (LEAVE A REPLY)

NEW QUESTION: 46
Any user can monitor live sessions in real time when users initiate RDP connection via Secure
Connect through PSM?
A. FALSE
B. TRUE
Answer: A (LEAVE A REPLY)

Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)
NEW QUESTION: 47
Select the best practice for storing the Master CD.
A. Copy the contents of the CD to a Hardware Security Module and discard the CD.
B. Copy the files to the Vault server and discard the CD.
C. Store the CD in a secure location, such as a physical safe.
D. Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to
a folder (secured with NTFS permissions) on the vault.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 48
Multiple PVWA servers provide automatic load balancing.
A. FALSE
B. TRUE
Answer: A (LEAVE A REPLY)

NEW QUESTION: 49
How does the Vault administrator configure the CyberArk Disaster Recovery (DR) solution to
perform automatic failover in case of failure in the Primary Vault?
A. By setting "FailoverMode=yes" in the padr.ini file
B. By setting "EnableFailover=yes" in the dbparm.ini file
C. By setting "EnableFailover=yes" in the padr.ini file
D. By setting "FailoverMode=yes" in the dbparm.ini file
Answer: (SHOW ANSWER)

NEW QUESTION: 50
After the Vault administrator configures syslog integration on the Vault, the Vault will be able to .
A. forward emails to SIEM.
B. forward ITALOG records to Security Information and Event Management (SIEM).
C. send out Simple Network Management Protocol (SNMP) traps.
D. forward audit records to Security Information and Event Management (SIEM).
Answer: (SHOW ANSWER)

NEW QUESTION: 51
The Vault administrator can change the Vault license by uploading the new license to the system
Safe.
A. True
B. False
Answer: A (LEAVE A REPLY)

NEW QUESTION: 52
Name two ways of viewing the ITAlog:
A. Go to the Thirdpary log directory on the CPM
B. Log into the PVWA and go to the Reports tab.
C. Access the System Safe from the PrivateArk client.
D. Log into the vault locally and navigate to the Server folder under the PrivateArk install location.
Answer: C,D (LEAVE A REPLY)

NEW QUESTION: 53
Which report could show all accounts that are past their expiration dates?
A. Activity log
B. Privileged Account Inventory report
C. Privileged Account Compliance Status report
D. Applications Inventory report
Answer: (SHOW ANSWER)

NEW QUESTION: 54
Multiple Vault Servers can be load balanced.
A. False
B. True
Answer: B (LEAVE A REPLY)

NEW QUESTION: 55
The DR module allows an integration with Enterprise Backup software
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)

NEW QUESTION: 56
A safe was recently created by a user who is a member of the LDAP Vault Administrators group.
Which of the following users does not have access to the newly created safe by default?
A. Backup
B. Master
C. Auditor
D. Administrator
Answer: A (LEAVE A REPLY)

NEW QUESTION: 57
The vault does not support Subnet Based Access Control.
A. TRUE
B. FALSE
Answer: B (LEAVE A REPLY)
NEW QUESTION: 58
Which Master Policy Setting(s) must be active in order to have an account checked-out by one
user for a predetermined amount of time?
A. Enforce check-in/check-out exclusive access & Enforce one-time password access
B. Enforce one-time password access
C. Require dual control password access Approval
D. Enforce check-in/check-out exclusive access
Answer: D (LEAVE A REPLY)

NEW QUESTION: 59
CyberArk recommends implementing object level access control on all Safes.
A. False
B. True
Answer: B (LEAVE A REPLY)

NEW QUESTION: 60
What values are acceptable in the address field on the Accounts Details.
A. It must be an IP address
B. Any name that is resolvable on the CPM server is acceptable
C. It must be a fully qualified domain name (FQDN)
D. It must be NetBIOS name
Answer: B (LEAVE A REPLY)

NEW QUESTION: 61
PSM requires the Remote Desktop Gateway role service.
A. TRUE
B. FALSE
Answer: B (LEAVE A REPLY)

Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 62
CyberArk implements license limits by controlling the number and types of users that can be
provisioned in the vault.
A. TRUE
B. FALSE
Answer: (SHOW ANSWER)

NEW QUESTION: 63
As long as you are a member of the Vault Admins group, you can grant any permission on any
safe that you have access to.
A. FALSE
B. TRUE
Answer: (SHOW ANSWER)

NEW QUESTION: 64
Which IP port and Protocol are used by the CyberArk Secure Proprietary Protocol?
A. TCP/22
B. UDP/1812
C. TCP/636
D. TCP/1858
Answer: (SHOW ANSWER)

NEW QUESTION: 65
When managing SSH keys, the CPM stores the Public Key ________________.
A. On the target server
B. Nowhere because the public key can always be generated from the private key
C. A & B
D. In the Vault
Answer: A (LEAVE A REPLY)

NEW QUESTION: 66
If a password is changed manually on a server, bypassing the CPM, how would you configure the
account so that the CPM could resume management automatically?
A. Configure the Provider to change the password to match the Vault's Password
B. Associate a reconcile account and configure the platform to reconcile automatically
C. Run the correct auto detection process to rediscover the password
D. Associate a logon account and configure the platform to reconcile automatically
Answer: B (LEAVE A REPLY)

NEW QUESTION: 67
When is the transparent user provisioned initially in the vault?
A. When a directory mapping matching that user id is created.
B. When a vault admin completes the LDAP configuration wizard
C. During the vault's nightly LDAP refresh.
D. The first time the user logs in.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 68
When managing SSH keys, the Central Policy Manager (CPM) stores the private key .
A. in the Vault
B. on the target server
C. nowhere because the private key can always be generated from the public key
D. in the Vault and on the target server
Answer: A (LEAVE A REPLY)

NEW QUESTION: 69
Which of the Following can be configured in the Master Policy? Choose all that apply
A. Dual Control
B. Password Aging Rules
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/11.4/en/Content/PASIMP/Working-with-
Master-Policy-Rules.htm
C. One Time Passwords
D. Exclusive Passwords
E. Required Properties
F. Password Reconciliation
G. Ticketing Integration
H. Custom Connection Components
Answer: A,B,C,D (LEAVE A REPLY)

NEW QUESTION: 70
Accounts Discovery allows secure connections to domain controllers.
A. True
B. False
Answer: B (LEAVE A REPLY)

NEW QUESTION: 71
When using multiple Central Policy Managers (CPM), which one of the following Safes is shared
by all CPMs?
A. PasswordManager_ADInternal
B. PasswordManager_workspace
C. PasswordManagerSharedSafe
D. PasswordManager_Pending
Answer: C (LEAVE A REPLY)

NEW QUESTION: 72
In a Distributed Vaults environment, which of the following components will NOT be
communicating with the Satellite Vaults?
A. Central Policy Manager
B. PAReplicate utility
C. ExportVaultData utility
D. AAM Credential Provider (previously known as AIM Credential Provider)
Answer: A (LEAVE A REPLY)

NEW QUESTION: 73
Which keys are required to be present in order to start the PrivateArk Server Service? Select all
that apply.
A. Safe Key
B. Recovery Public Key
C. Server Key
D. Recovery Private Key
Answer: C (LEAVE A REPLY)

NEW QUESTION: 74
Which file is used to integrate the Vault with your Radius server?
A. ENEConf.ini
B. paragent ini
C. radius.ini
D. dbparm.ini
Answer: D (LEAVE A REPLY)

NEW QUESTION: 75
When working with the CyberArk Cluster, the Virtual IP is used by:
A. The Vault nodes for exchanging keep alive messages over the public network.
B. The CyberArk components to communicate with the Vault Cluster over the public network.
C. The CyberArk components to communicate with the Vault Cluster over the private network.
D. The Vault nodes for exchanging keep alive messages over the public network.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 76
The Vault Internal safe contains all of the configuration for the vault.
A. FALSE
B. TRUE
Answer: B (LEAVE A REPLY)
 Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 77
It is possible to disable the Show and Copy buttons without removing the Retrieve permission on
a safe.
A. FALSE
B. TRUE
Answer: (SHOW ANSWER)

NEW QUESTION: 78
Which of the following is considered a prerequiste for installing PSM?
A. Provider
B. IIS Web Services Role
C. HTML5 Gateway
D. Remote Desktop Services
Answer: (SHOW ANSWER)

NEW QUESTION: 79
Which user is automatically given all Safe authorizations on all Safes?
A. Master
B. Operator
C. Auditor
D. Administrator
Answer: A (LEAVE A REPLY)

NEW QUESTION: 80
Which file does the Vault administrator need to edit in order to configure the integration of the
Vault with the radius server?
A. ENEConf.ini
B. dbparm.ini
C. PARagent.ini
D. radius.ini
Answer: B (LEAVE A REPLY)
Valid CAU302 Dumps shared by Fast2test.com for Helping Passing CAU302 Exam!
Fast2test.com now offer the newest CAU302 exam dumps, the Fast2test.com CAU302 exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CAU302 dumps with Test Engine here: https://www.fast2test.com/CAU302-
premium-file.html (230 Q&As Dumps, 30%OFF Special Discount: freecram)