完全版EPM-DEF練習テスト62特別な問題と解答が待ってます! [Q12-Q36]

Share

完全版EPM-DEF練習テスト62特別な問題と解答が待ってます!

CyberArk Defender問題集でEPM-DEF試験完全版問題で試験学習ガイド


CyberArk EPM-DEF(CyberArk Defender - EPM)認定試験は、CyberArkの特権アクセスセキュリティソリューションを使用する知識とスキルを持つ個人の包括的な評価です。この試験は、CyberArkのエンドポイント特権マネージャー(EPM)ソリューションを設計、実装、管理する専門家が、その専門性を示したいと考えるサイバーセキュリティプロフェッショナル向けに設計されています。 EPMソリューションは、特権アクセスの乱用から組織を保護し、サイバー攻撃のリスクを軽減するのに役立ちます。

 

質問 # 12
When enabling Threat Protection policies, what should an EPM Administrator consider? (Choose two.)

  • A. Certain Threat Protection policies apply for specific applications not found on all machines
  • B. Threat Protection features are not available in all regions.
  • C. Some Threat Protection policies are applicable only for Windows Servers as opposed to Workstations.
  • D. Threat Protection policies requires an additional agent to be installed.

正解:A、C


質問 # 13
How does CyberArk EPM's Ransomware Protection feature monitor for Ransomware Attacks?

  • A. It performs a lookup of file signatures against VirusTotal's database.
  • B. It sandboxes the suspected ransomware and applies heuristics.
  • C. It compares known ransomware signatures retrieved from virus databases.
  • D. It monitors for any unauthorized access to specified files.

正解:B


質問 # 14
When working with credential rotation/loosely connected devices, what additional CyberArk components are required?

  • A.
  • B. DAP
  • C. PTA
  • D. PVWA

正解:D


質問 # 15
Which threat intelligence source requires the suspect file to be sent externally?

  • A. Palo Alto Wildfire
  • B. VirusTotal
  • C. CyberArk Application Risk Analysis Service (ARA)
  • D. NSRL

正解:B


質問 # 16
For Advanced Policies, what can the target operating system users be set to?

  • A. Local or AD users, Azure AD Users
  • B. AD Groups, Azure AD Groups
  • C. Local or AD users and groups, Azure AD User, Azure AD Group
  • D. Local or AD users and groups

正解:D


質問 # 17
When blocking applications, what is the recommended practice regarding the end-user UI?

  • A. Enable the Default Deny policy.
  • B. Hide the CyberArk EPM Agent icon in the system tray.
  • C. Show a block prompt for blocked applications.
  • D. Show no prompts for blocked applications.

正解:C


質問 # 18
When adding the EPM agent to a pre-existing security stack on workstation, what two steps are CyberArk recommendations. (Choose two.)

  • A. Create new advanced policies for each security tool.
  • B. Add EPM agent to the other security tools exclusions.
  • C. Add any pre-existing security application to the Files to Be Ignored Always.
  • D. EPM agent should never be run with any other security tools.

正解:B、C


質問 # 19
When deploying EPM and in the Privilege Management phase what is the purpose of Discovery?

  • A. To identify both administrative and non-administrative level events
  • B. To identify non-administrative threats
  • C. To identify all non-administrative events
  • D. To identify all administrative level events

正解:A


質問 # 20
An application has been identified by the LSASS Credentials Harvesting Module.
What is the recommended approach to excluding the application?

  • A. Add the application to an Advanced Policy or Application Group with an Elevate policy action.
  • B. Add the application to the Files to be Ignored Always in Agent Configurations.
  • C. Exclude the application within the LSASS Credentials Harvesting module.
  • D. In Agent Configurations, add the application to the Threat Protection Exclusions

正解:D


質問 # 21
CyberArk's Privilege Threat Protection policies are available for which Operating Systems? (Choose two.)

  • A. MacOS
  • B. Windows Servers
  • C. Linux
  • D. Windows Workstations

正解:B、D


質問 # 22
When working with credential rotation at the EPM level, what is the minimum time period that can be set between connections?

  • A. 24 hours
  • B. 5 hours
  • C. 72 hours
  • D. 1 hour

正解:C


質問 # 23
Which of the following application options can be used when defining trusted sources?

  • A. Publisher, Name, Size, URI
  • B. Publisher, Product, Size, URL
  • C. Product, Publisher, User/Group, Installation Package
  • D. Product, URL, Machine, Package

正解:C


質問 # 24
An EPM Administrator would like to exclude an application from all Threat Protection modules. Where should the EPM Administrator make this change?

  • A. Protect Against Ransomware under Default Policies.
  • B. Threat Protection under Agent Configurations.
  • C. Privilege Threat Protection under Policies.
  • D. Authorized Applications under Application Groups.

正解:D


質問 # 25
Match the Trusted Source to its correct definition:

正解:

解説:


質問 # 26
If Privilege Management is not working on an endpoint, what is the most likely cause that can be verified in the EPM Agent Log Files?

  • A. Behavior of the elevation prompt for administrators in Admin Approval Mode is set to "Prompt for Consent for non-Windows binaries".
  • B. Agent version is incompatible.
  • C. UAC policy Admin Approval for the Built-in Administrator Account is set to "Disabled".
  • D. UAC policy Run all administrators in Admin Approval Mode is set to "Enabled".

正解:D


質問 # 27
An EPM Administrator is looking to enable the Threat Deception feature, under what section should the EPM Administrator go to enable this feature?

  • A. Policy Audit
  • B. Policies
  • C. Threat Intelligence
  • D. Threat Protection Inbox

正解:B


質問 # 28
Select the default threat intelligence source that requires additional licensing.

  • A. VirusTotal
  • B. Palo Alto WildFire
  • C. CyberArk Application Risk Analysis Service
  • D. NSRL

正解:B


質問 # 29
An end user is experiencing performance issues on their device after the EPM Agent had been installed on their machine. What should the EPM Administrator do first to help resolve the issue?

  • A. Enable the Default Policy's Privilege Management Control, Unhandled Privileged Applications in Elevate mode.
  • B. Rerun the agent installation on the user's machine to repair the installation.
  • C. Uninstall or disable any anti-virus software prohibiting the EPM Agent functionalities.
  • D. Verify any 3rd party security solutions have been added to EPM's Files To Be Ignored Always configuration and CyberArk EPM has also been excluded from the 3rd party security solutions.

正解:C


質問 # 30
What are Trusted sources for Windows endpoints used for?

  • A. Listing all the approved application to the end users.
  • B. Defining applications that can be used by the developers.
  • C. Creating policies that contain trusted sources of applications.
  • D. Managing groups added by recommendation.

正解:A


質問 # 31
Which policy can be used to improve endpoint performance for applications commonly used for software development?

  • A. Software Updater
  • B. Trusted Application
  • C. Developer Applications
  • D. Trusted Source

正解:B


質問 # 32
How does EPM help streamline security compliance and reporting?

  • A. Use of automated distribution of reports to the security team
  • B. Print reports
  • C. Create custom reports
  • D. Provides reports in standard formats such as PDF, Word and Excel

正解:D


質問 # 33
Which EPM reporting tool provides a comprehensive view of threat detection activity?

  • A. McAfee ePO Reports
  • B. Threat Detection Dashboard
  • C. Threat Detection Events
  • D. Detected Threats

正解:B


質問 # 34
A particular user in company ABC requires the ability to run any application with administrative privileges every day that they log in to their systems for a total duration of 5 working days.
What is the correct solution that an EPM admin can implement?

  • A. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to
    120 hours and Terminate administrative processes when the policy expires option unchecked
  • B. An EPM admin can create a secure token for the end user's computer and instruct the end user to open an administrative command prompt and run the command vfagent.exe -UseToken <securetoken_value>
  • C. An EPM admin can create an authorization token for each application needed by running:
    EPMOPAGtool.exe -command gentoken -targetUser <username> -filehash <file hash> -timeLimit 120
    -action run
  • D. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to
    120 hours

正解:A


質問 # 35
Where can you view CyberArk EPM Credential Lures events?

  • A. Policy Audit
  • B. Events Management
  • C. Application Catalog
  • D. Threat Protection Inbox

正解:D


質問 # 36
......

EPM-DEF正真正銘のベスト資料、オンライン練習試験:https://jp.fast2test.com/EPM-DEF-premium-file.html

優れもの良質なEPM-DEF問題集が待ってます:https://drive.google.com/open?id=1w4QXerq1EW8gx4amS1akjr3Lk72QHToh


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어