CyberArk Endpoint Privilege Manager v1.0

Page:    1 / 4   
Exam contains 58 questions
Expand All

An EPM Administrator would like to enable CyberArk EPM's Ransomware Protection in Restrict mode. What should the EPM Administrator do?

  • A. Set Block unhandled applications to On.
  • B. Set Protect Against Ransomware to Restrict.
  • C. Set Protect Against Ransomware to Restrict and Set Block unhandled applications to On.
  • D. Set Control unhandled applications to Detect.


Answer : C

Where would an EPM admin configure an application policy that depends on a script returning true for an end user's machine being connected to an open (no password protection) Wi-Fi?

  • A. Advanced Policy - Application Control - Check Wi-Fi security
  • B. Advanced Policy - Options: Conditional enforcement - Apply Policy according to Script execution result
  • C. Default policies - Check if network access is secure
  • D. Advanced Policy - Access - Specify permissions to be set for Wi-Fi network security


Answer : B

An EPM Administrator would like to enable a Threat Protection policy, however, the policy protects an application that is not installed on all endpoints.
What should the EPM Administrator do?

  • A. Enable the Threat Protection policy and configure the Policy Targets.
  • B. Do not enable the Threat Protection policy.
  • C. Enable the Threat Protection policy only in Detect mode.
  • D. Split up the endpoints in to separate Sets and enable Threat Protection for only one of the Sets.


Answer : D

Which policy can be used to improve endpoint performance for applications commonly used for software development?

  • A. Developer Applications
  • B. Trusted Application
  • C. Trusted Source
  • D. Software Updater


Answer : B

What are the predefined application groups?

  • A. Developer group, Administrator group
  • B. Run as Administrator, Run as Developer, Block
  • C. Elevate, Allow, Block, Developer Applications
  • D. Block Only


Answer : C

In EPM, creation of which user type is required to use SAML?

  • A. Local CyberArk EPM User
  • B. AD User
  • C. SQL User
  • D. Azure AD User


Answer : D

For Advanced Policies, what can the target operating system users be set to?

  • A. Local or AD users and groups, Azure AD User, Azure AD Group
  • B. AD Groups, Azure AD Groups
  • C. Local or AD users and groups
  • D. Local or AD users, Azure AD Users


Answer : C

A particular user in company ABC requires the ability to run any application with administrative privileges every day that they log in to their systems for a total duration of 5 working days.
What is the correct solution that an EPM admin can implement?

  • A. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours
  • B. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours and Terminate administrative processes when the policy expires option unchecked
  • C. An EPM admin can create an authorization token for each application needed by running: EPMOPAGtool.exe -command gentoken -targetUser <username> -filehash <file hash> -timeLimit 120 -action run
  • D. An EPM admin can create a secure token for the end user's computer and instruct the end user to open an administrative command prompt and run the command vfagent.exe -UseToken <securetoken_value>


Answer : B

After a clean installation of the EPM agent, the local administrator password is not being changed on macOS and the old password can still be used to log in.
What is a possible cause?

  • A. Secure Token on macOS endpoint is not enabled.
  • B. EPM agent is not able to connect to the EPM server.
  • C. After installation, Full Disk Access for the macOS agent to support EPM policies was not approved.
  • D. Endpoint password policy is too restrictive.


Answer : A

If you want to diagnose agent EPM agent connectivity issues, what is the agent executable that can be used from the command line?

  • A. vf_agent.exe
  • B. epm_agent.exe
  • C. vault_agent.exe
  • D. db_agent.exe


Answer : B

A policy needs to be created to block particular applications for a specific user group. Based on CyberArk's policy naming best practices, what should be included in the policy's name?

  • A. Policy creation date
  • B. Target use group
  • C. Creator of the policy
  • D. The policy's Set name


Answer : B

An application has been identified by the LSASS Credentials Harvesting Module.
What is the recommended approach to excluding the application?

  • A. In Agent Configurations, add the application to the Threat Protection Exclusions.
  • B. Add the application to the Files to be Ignored Always in Agent Configurations.
  • C. Exclude the application within the LSASS Credentials Harvesting module.
  • D. Add the application to an Advanced Policy or Application Group with an Elevate policy action.


Answer : A

What are valid policy options for JIT and elevation policies?

  • A. Grant temporary access for all users, Policy name, Restart administrative processes in admin approval mode, Collect audit information
  • B. Grant temporary access for, Policy name, Terminate administrative processes when the policy expires, Collect audit information
  • C. Grant administrative access, Policy name, Log off to apply policy, Collect policy violation information
  • D. Terminate administrative services, Grant policy access for, Policy name, Collect audit reports


Answer : C

How does a Trusted Source policy affect an application?

  • A. Applications will be allowed to run and will only elevate if required.
  • B. Applications will be allowed to run and will inherit the process token from the EPM agent.
  • C. Applications will be allowed to run always in elevated mode.
  • D. Application from the defined trusted sources must be configured on a per applicationbasis, in order to define run and elevation parameters.


Answer : D

On the Default Policies page, what are the names of policies that can be set as soon as EPM is deployed?

  • A. Privilege Escalation, Privilege Management, Application Management
  • B. Privilege Management, Application Control, Threat analysis
  • C. Privilege Management, Threat Protection, Application Escalation Control
  • D. Privilege Management, Privilege Threat Protection, Local Privileged Accounts Management


Answer : D

Page:    1 / 4   
Exam contains 58 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy