PAM-DEF Practice Questions

Target account platforms can be restricted to accounts that are stored m specific Safes using the Allowed Safes property.

When Dual Control is enabled a user must first submit a request in the Password Vault Web Access (PVWA) and receive approval before being able to launch a secure connection via PSM for Windows (previously known as RDP Proxy).

A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.

What is the correct location to identify users or groups who can approve?

Which report shows the accounts that are accessible to each user?

Which item is an option for PSM recording customization?

Match each permission to where it can be found.

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.

Which safe permission do you need to grant Operations Staff? Check all that apply.

You are onboarding an account that is not supported out of the box.

What should you do first to obtain a platform to import?

You are logging into CyberArk as the Master user to recover an orphaned safe.

Which items are required to log in as Master?

Which CyberArk utility allows you to create lists of Master Policy Settings, owners and safes for output to text files or MSSQL databases?