2023年最新のに更新された検証済みの合格させるCAU201学習ガイドベスト問題集を使おう [Q25-Q48]

Share

2023年最新のに更新された検証済みの合格させるCAU201学習ガイドベスト問題集を使おう Courses

究極なガイドはCAU201最新版限定公開

質問 # 25
Users can be restricted through certain CyberArk interfaces (e.g. PVWA or PACLI).

  • A. FALSE
  • B. TRUE

正解:B


質問 # 26
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted____________________.

  • A. the vault will not allow this situation to occur.
  • B. only those permissions that exist on the group added to the safe first.
  • C. only those permissions that exist in all groups to which the user belongs.
  • D. the cumulative permissions of all the groups to which that user belongs.

正解:B


質問 # 27
Which PTA sensors are required to detect suspected credential theft?

  • A. Logs, Network Sensor, EPM
  • B. Logs, PSM Logs, CPM Logs
  • C. Logs, Vault Logs
  • D. Logs, Network Sensor, Vault Logs

正解:C


質問 # 28
You have associated a logon account to one of your UNIX root accounts in the vault. When attempting to
change the root account's password the CPM will...

  • A. Log in to the system as root, then change root's password.
  • B. Log in to the system as the logon account, run the su command to log in as root, and then change root's
    password.
  • C. Log in to the system as the logon account, then change root's password
  • D. None of these.

正解:A


質問 # 29
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be
changed.

  • A. ImmediateInterval
  • B. The CPM does not change the password under this circumstance
  • C. Interval
  • D. HeadStartInterval

正解:A


質問 # 30
To use PSM connections while in the PVWA, what are the minimum safe permissions a user or group will need?

  • A. List Accounts, Use Accounts, Retrieve Accounts, Access Safe without confirmation
  • B. List Accounts, Use Accounts
  • C. Use Accounts
  • D. List Accounts, Use Accounts, Retrieve Accounts

正解:C


質問 # 31
A Reconcile Account can be specified in the Master Policy.

  • A. FALS
  • B. TRUE

正解:B


質問 # 32
You receive this error:
"Error in changepass to user domain\user on domain server(\domain.(winRc=5) Access is denied." Which root cause should you investigate?

  • A. The CPM service is disabled and will need to be restarted.
  • B. The domain controller is unreachable.
  • C. The password has been changed recently and minimum password age is preventing the change.
  • D. The account does not have sufficient permissions to change its own password.

正解:D


質問 # 33
Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

  • A. FALSE
  • B. TRUE

正解:A

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/MESSAGES/Password
%20Vault%20Web%20Access%20Messages-%20General.htm


質問 # 34
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

  • A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM
    machine. Configure this account of the target server's root account.
  • B. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the
    CPM machine. Configure this account as the Logon account of the target server's root account.
  • C. Configure the CPM to allow SSH logins.
  • D. Configure the Unix system to allow SSH logins.

正解:B


質問 # 35
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how
would you configure a group of users to access a password without approval.

  • A. Create an exception to the Master Policy to exclude the group from the workflow process.
  • B. Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the
    group.
  • C. On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.
  • D. On the safe in which the account is stored grant the group the 'Access safe without confirmation'
    authorization.

正解:A

解説:
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/6270zr/dual_control_on_specific_accounts/


質問 # 36
What is the chief benefit of PSM?

  • A. Privileged session isolation
  • B. Automatic password management
  • C. Privileged session recording
  • D. 'Privileged session isolation' and 'Privileged session recording'

正解:C


質問 # 37
According to the DEFAULT Web Options settings, which group grants access to the REPORTS page?

  • A. Vault Admins
  • B. PVWAMonitor
  • C. Auditors
  • D. PVWAUsers

正解:B


質問 # 38
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

  • A. True.
  • B. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSM Connect.
  • C. False. Because the user can also enter credentials manually using Secure Connect.
  • D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.

正解:B


質問 # 39
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.

  • A. FALS
  • B. TRUE

正解:B


質問 # 40
One can create exceptions to the Master Policy based on ____________________.

  • A. Safes
  • B. Policies
  • C. Accounts
  • D. Platforms

正解:C

解説:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/The-Master-
Policy.htm


質問 # 41
Platform settings are applied to______________.

  • A. The entire vault.
  • B. Individual Accounts
  • C. Network Areas
  • D. Safes

正解:D

解説:
Explanation
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/avxnxz/safes_and_platform_association/


質問 # 42
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?

  • A. plink.exe
  • B. PVConfig.xml
  • C. UnixPrompts.ini
  • D. dbparm.ini

正解:C


質問 # 43
It is possible to restrict the time of day, or day of week that a reconcile process can occur.

  • A. FALSE
  • B. TRUE

正解:A


質問 # 44
A user requested access to view a password secured by dual-control and is unsure who to contact to expedite the approval process. The Vault Admin has been asked to look at the account and identify who can approve their request.
What is the correct location to identify users or groups who can approve?

  • A. PVWA> Policies > Access Control (Safes) > Safe Members > Workflow > Authorize Password Requests
  • B. PrivateArk > Admin Tools > Users and Groups > Auditors (Group Membership)
  • C. PVWA> Account List > Edit > Show Advanced Settings > Dual Control > Direct Managers
  • D. PVWA> Administration > Platform Configuration > Edit Platform > UI & Workflow > Dual Control> Approvers

正解:A


質問 # 45
VAULT authorizations may be granted to ____________________.
Select all that apply.

  • A. LDAP Users
  • B. Vault Users
  • C. LDAP Groups
  • D. Vault Groups

正解:A


質問 # 46
What is the purpose of the HeadStartlnterval setting m a platform?

  • A. It determines how far in advance audit data is collected tor reports
  • B. It instructs the AIM Provider to 'skip the cache' during the defined time period
  • C. It alerts users of upcoming password changesxnumber of days before expiration.
  • D. It instructs the CPM to initiate the password change process X number of days before expiration.

正解:B


質問 # 47
Match the log file name with the CyberArk Component that generates the log.

正解:

解説:


質問 # 48
......


この試験は、特権アクセス管理ソリューションの主要なプロバイダーであるCyberArkによって実施されます。これは、40問の択一式テストであり、90分の試験時間があります。試験には、CyberArkのアーキテクチャ、特権アカウントのインストール、設定、管理、セキュリティ脅威の検出および対応能力など、さまざまなトピックがカバーされます。

 

問題集で返金保証付きのCAU201承認済み問題集:https://jp.fast2test.com/CAU201-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어