Use Real CAU201 Dumps - CyberArk Correct Answers updated on 2023
CyberArk Defender CAU201 Exam Practice Dumps
CyberArk Defender exam, also known as CAU201, is a certification program that is designed to test the knowledge and skills of an individual in the field of cybersecurity. CAU201 exam focuses on the CyberArk solutions that are used to protect and manage privileged accounts, as well as other security measures that are taken to safeguard sensitive data and prevent cyber attacks.
NEW QUESTION # 32
Which usage can be added as a service account platform?
- A. IIS Application Pools
- B. Loosely Connected Devices
- C. PowerShell Libraries
- D. Kerberos Tokens
Answer: B
NEW QUESTION # 33
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
- A. Retrieve Accounts
- B. Access Safe without Authorization
- C. Use Accounts
- D. Authorize Password Requests
Answer: A,C,D
NEW QUESTION # 34
When on-boarding account using Accounts Feed, Which of the following is true?
- A. You can specify the name of a new sale that will be created where the account will be stored when it is on-boarded to the Vault.
- B. Any account that is on boarded can be automatically reconciled regardless of the platform it is associated with.
- C. You must specify an existing Safe where are account will be stored when it is on boarded to the Vault
- D. You can specify the name of a new Platform that will be created and associated with the account
Answer: A
NEW QUESTION # 35
What is the purpose of the HeadStartlnterval setting m a platform?
- A. It determines how far in advance audit data is collected tor reports
- B. It alerts users of upcoming password changes x number of days before expiration.
- C. It instructs the AIM Provider to 'skip the cache' during the defined time period
- D. It instructs the CPM to initiate the password change process X number of days before expiration.
Answer: D
Explanation:
Explanation
The number of days before the password expires (according to the ExpirationPeriod parameter) that the CPM will initiate a password change process. This parameter is not relevant if the policy will be applied to a member of an account group.
NEW QUESTION # 36
Which command configures email alerts within PTA if settings need to be changed post install?
- A. /opt/tomcat/utility/emailSetup.sh
- B. /opt/PTA/utility/emailConfig.sh
- C. /opt/tomcat/utility/emailConfiguration.sh
- D. /opt/PTA/emailConfiguration.sh
Answer: C
NEW QUESTION # 37
It is possible to control the hours of the day during which a user may log into the vault.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION # 38
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?
- A. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSMConnect.
- B. True.
- C. False. Because the user can also enter credentials manually using Secure Connect.
- D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
Answer: C
NEW QUESTION # 39
Which of the Following can be configured in the Master Poky? Choose all that apply.
- A. Password Reconciliation
- B. One Time Passwords
- C. Ticketing Integration
- D. Required Properties
- E. Dual Control
- F. Password Aging Rules
- G. Custom Connection Components
- H. Exclusive Passwords
Answer: B,E,F,H
NEW QUESTION # 40
Within the Vault each password is encrypted by:
- A. its own unique key
- B. the server key
- C. the recovery private key
- D. the recovery public key
Answer: A
NEW QUESTION # 41
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
- A. Create an exception to the Master Policy to exclude the group from the workflow process.
- B. Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.
- C. On the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization.
- D. On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.
Answer: A
Explanation:
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/6270zr/dual_control_on_specific_accounts/
NEW QUESTION # 42
Which of the following Privileged Session Management solutions provide a detailed audit log of session activities?
- A. PSM for Windows (previously known as RDP Proxy)
- B. All of the above
- C. PSM (i.e., launching connections by clicking on the "Connect" button in the PVWA)
- D. PSM for SSH (previously known as PSM SSH Proxy)
Answer: C
NEW QUESTION # 43
Can the 'Connect' button be used to initiate an SSH connection, as root, to a Unix system when SSH access for root is denied?
- A. Yes, if a logon account is associated with the root account.
- B. No, it is not possible.
- C. Yes, only if a logon account is associated with the root account and the user connects through the PSM- SSH connection component.
- D. Yes, when using the connect button, CyberArk uses the PMTerminal.exe process which bypasses the root SSH restriction.
Answer: C
Explanation:
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/7zx8w5/ssh_connection/
NEW QUESTION # 44
The System safe allows access to the Vault configuration files.
- A. FALSE
- B. TRUE
Answer: A
Explanation:
Explanation/Reference:
NEW QUESTION # 45
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?
- A. PVConfig.xml
- B. dbparm.ini
- C. UnixPrompts.ini
- D. plink.exe
Answer: C
NEW QUESTION # 46
Which item is an option for PSM recording customization?
- A. Universal keystrokes text recorder with windows events text recorder disabled
- B. Windows events text recorder with automatic play-back
- C. Windows events text recorder and universal keystrokes recording simultaneously
- D. Custom audio recording for windows events
Answer: D
NEW QUESTION # 47
What is the purpose of the Interval setting in a CPM policy?
- A. To control the maximum amount of time the CPM will wait for a password change to complete.
- B. To control how often the CPM looks for User Initiated CPM work.
- C. To control how long the CPM rests between password changes.
- D. To control how often the CPM looks for System Initiated CPM work.
Answer: C
NEW QUESTION # 48
You need to enable the PSM for all platforms.
Where do you perform this task?
- A. Master Policy > Privileged Access Workflows
- B. Platform Management > (Platform) > UI & Workflows
- C. Administration > Options > Connection Components
- D. Master Policy > Session Management
Answer: B
NEW QUESTION # 49
......
CyberArk Defender certification exam is intended for professionals who have practical experience in the implementation and administration of CyberArk solutions. As the exam is focused on CyberArk's suite of products, candidates are expected to have a thorough understanding of CyberArk Privileged Access Security solutions, including Enterprise Password Vault, Privileged Session Manager, and Privileged Threat Analytics.
Get ready to pass the CAU201 Exam right now using our CyberArk Defender Exam Package: https://freedumps.validvce.com/CAU201-exam-collection.html
