Latest [Mar 30, 2022] CAU201 Exam Questions – Valid CAU201 Dumps Pdf [Q96-Q114]

4/5 - (3 votes)

Latest [Mar 30, 2022] CAU201 Exam Questions – Valid CAU201 Dumps Pdf

CAU201 Practice Test Questions Answers Updated 179 Questions

Understanding functional and technical aspects of CyberArk Security and Audit

The following will be discussed in the CAU-201 exam dumps:

Configure a Response to Unmanaged Credentials
Utilize safe permissions to limit the scope of reports for specific users
Configure email alerts in PTA
Describe all reports and what information they give a user
Configure Automatic Session Termination
Review a recording
Understand the purpose of EVD
Describe the various PTA detections
Configure a Response to Credential Theft

NEW QUESTION 96
Match each key to its recommended storage location.

NEW QUESTION 97
Match each permission to where it can be found.

NEW QUESTION 98
You want to generate a license capacity report.
Which tool accomplishes this?

Password Vault Web Access

PrivateArk Client

DiagnoseDB Report

RestAPI

NEW QUESTION 99
Due to network activity, ACME Corp’s PrivateArk Server became active on the OR Vault while the Primary Vault was also running normally. All the components continued to point to the Primary Vault.
Which steps should you perform to restore DR replication to normal?

Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

Shutdown PrivateArk Server on Primary Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

Shutdown PrivateArk Server on DR Vault > Replicate data from DR Vault to Primary Vault > Shutdown PrivateArk Server on DR Vault > Start replication on DR vault

NEW QUESTION 100
What is the purpose of the password change process?

To test that CyberArk is storing accurate credentials for accounts

To change the password of an account according to organizationally defined password rules

To allow CyberArk to manage unknown or lost credentials

To generate a new complex password

NEW QUESTION 101
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)

Store the CD in a physical safe and mount the CD every time Vault maintenance is performed

Copy the entire contents of the CD to the system Safe on the Vault

Copy the entire contents of the CD to a folder on the Vault Server and secure it with NTFS permissions

Store the server key in a Hardware Security Module (HSM) and copy the rest the keys from the CD to a folder on the Vault Server and secure it with NTFS permissions

NEW QUESTION 102
An auditor needs to login to the PSM in order to live monitor an active session. Which user ID is used to establish the RDP connection to the PSM server?

PSMConnect

PSMMaster

PSMGwUser

PSMAdminConnect

NEW QUESTION 103
Which CyberArk group does a user need to be part of to view recordings or live monitor sessions?

Auditors

Vault Admin

DR Users

Operators

NEW QUESTION 104
When on-boarding account using Accounts Feed, which of the following is true?

You must specify an existing Safe where the account will be stored when it is on-boarded to the Vault.

You can specify the name of a new safe that will be created where the account will be stored when it is on-boarded to the Vault.

You can specify the name of a new Platform that will be created and associated with the account.

Any account that is on-boarded can be automatically reconciled regardless of the platform it is associated with.

Explanation/Reference:
Reference: https://www.cyberark.com/resource/automating-privileged-account-onboarding/

NEW QUESTION 105
CyberArk recommends implementing object level access control on all Safes.

True

False

NEW QUESTION 106
When managing SSH keys, the CPM stores the Public Key

In the Vault

On the target server

A & B

Nowhere because the public key can always be generated from the private key.

NEW QUESTION 107
It is possible to restrict the time of day, or day of week that a [b]reconcile[/b] process can occur

TRUE

FALS

NEW QUESTION 108
Which of the following PTA detections are included in the Core PAS offering?

Suspected Credential Theft

Over-Pass-The Hash

Golden Ticket

Unmanaged Privileged Access

NEW QUESTION 109
The password upload utility must run from the CPM server

TRUE

FALSE

Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Password- Upload-Utility.htm

NEW QUESTION 110
Which of the following Privileged Session Management solutions provide a detailed audit log of session
activities?

PSM (i.e., launching connections by clicking on the “Connect” button in the PVWA)

PSM for Windows (previously known as RDP Proxy)

PSM for SSH (previously known as PSM SSH Proxy)

All of the above

NEW QUESTION 111
Can the ‘Connect’ button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?

Yes, when using the connect button, CyberArk uses the PMTerminal.exe process which bypasses the root SSH restriction.

Yes, only if a logon account is associated with the root account and the user connects through the PSM- SSH connection component.

Yes, if a logon account is associated with the root account.

No, it is not possible.

Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/7zx8w5/ssh_connection/

NEW QUESTION 112
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. Themembers of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.

Use Accounts

Retrieve Accounts

Authorize Password Requests

Access Safe without Authorization

NEW QUESTION 113
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur

TRUE

FALSE

Explanation
Password verification can be restricted to specific days. This means that the CPM will only verify passwords on the days of the week specified in the VFExecutionDays parameter. The days of the week are represented by the first 3 letters of the name of the day. Sunday is represented by Sun, Monday by Mon, etc.

NEW QUESTION 114
It a password is changed manually on a server, bypassing the CPM, how would you configure the account so that the CPM could resume management automatically?

Configure the Provider to change the password to match the Vault’s Password

Associate a reconcile account and configure the platform to reconcile automatically

Associate a logon account and configure the platform to reconcile automatically

Run the correct auto detection process to rediscover the password

Loading …

CAU201 dumps Sure Practice with 179 Questions: https://www.prepawaypdf.com/CyberArk/CAU201-practice-exam-dumps.html

No related posts.

Latest [Mar 30, 2022] CAU201 Exam Questions – Valid CAU201 Dumps Pdf [Q96-Q114]

Understanding functional and technical aspects of CyberArk Security and Audit

admin

Leave a Reply Cancel reply

Understanding functional and technical aspects of CyberArk Security and Audit

admin

You might also like

Leave a Reply Cancel reply