CyberArk CDE Recertification v1.0
Question 1
You have been asked to identify the up or down status of Vault services.
Which CyberArk utility can you use to accomplish this task?
- A. Vault Replicator
- B. PAS Reporter
- C. Remote Control Agent
- D. Syslog
Answer : C
Question 2
DRAG DROP -
Match each key to its recommended storage location.
Answer : 
Question 3
What is a valid combination of primary and secondary layers of authentication to a company's two-factor authentication policy?
- A. RSA SecurID Authentication (in PVWA) and LDAP Authentication
- B. CyberArk Authentication and RADIUS Authentication
- C. Oracle SSO (in PVWA) and SAML Authentication
- D. LDAP Authentication and RADIUS Authentication
Answer : D
Question 4
DRAG DROP -
Match each PTA alert category with the PTA sensors that collect the data for it.
Answer : 
Question 5
You are beginning the post-install process after the PSM installation is completed
What must you do?
- A. Disable screen saver for the PSM local users
- B. Create a new group called PSMShadowUsers.
- C. Reset the PSMAdminConnect user password
- D. Enable load balancing on the PSM server.
Answer : C
Question 6
A customer's environment has three data centers consisting of 5,000 servers in Germany, 10,000 servers Canada, 1,500 servers in Singapore. You want to manage target servers and avoid complex firewall rules.
How many CPMs should you deploy?
- A. 1
- B. 3 total, 1 per data center
- C. 15
- D. 6 total, 2 per data center
Answer : D
Question 7
How should you configure PSM for SSH to support load balancing?
- A. by using a network load balancer
- B. in PVWA > Options > PSM for SSH Proxy > Servers
- C. in PVWA > Options > PSM for SSH Proxy > Servers > VIP
- D. by editing sshd.config on the all the PSM for SSH servers
Answer : C
Question 8
Which statement is correct concerning accounts that are discovered, but cannot be added to the Vault by an automated onboarding rule?
- A. They are added to the Pending Accounts list and can be reviewed and manually uploaded.
- B. They cannot be onboarded to the Password Vault.
- C. They must be uploaded using third party tools.
- D. They are not part of the Discovery Process.
Answer : A
Question 9
Which of the following properties are mandatory when adding accounts from a file? (Choose three.)
- A. Safe Name
- B. Platform ID
- C. All required properties specified in the Platform
- D. Username
- E. Address
- F. Hostname
Answer : BDF
Question 10
To manage automated onboarding rules, a CyberArk user must be a member of which group?
- A. Vault Admins
- B. CPM User
- C. Auditors
- D. Administrators
Answer : A
Question 11
Which CyberArk group does a user need to be part of to view recordings or live monitor sessions?
- A. Auditors
- B. Vault Admin
- C. DR Users
- D. Operators
Answer : B
Question 12
After installing the first PSM server and before installing additional PSM servers, you must ensure the user performing the installation is not a direct owner of which safe?
- A. PSMUnmanagedSessionAccounts Safe
- B. PSMRecordingsSessionAccounts Safe
- C. PSMUnmanagedApplicationAccounts Safe
- D. PSMSessionBackupAccounts Safe
Answer : A
Question 13
You are creating a shared safe for the help desk.
What must be considered regarding the naming convention?
- A. Ensure your naming convention is no longer than 20 characters.
- B. Combine environments, owners and platforms to minimize the total number of safes created.
- C. Safe owners should determine the safe name to enable them to easily remember it.
- D. The use of these characters V:*<>".| is not allowed.
Answer : D
Question 14
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?
- A. UnixPrompts.ini
- B. plink.exe
- C. dbparm.ini
- D. PVConfig.xml
Answer : D
Question 15
You are setting up a Linux host to act as an HTML 5 gateway for PSM sessions.
Which servers need to be trusted by the Linux host to secure communications through the gateway?
- A. PSM and PVWA
- B. PSM and CPM
- C. PVWA and Vault
- D. Vault and PSM
Answer : B