PAM-CDE-RECERT CyberArk CDE Recertification Dumps

If you are looking for free PAM-CDE-RECERT dumps than here we have some sample question answers available. You can prepare from our CyberArk PAM-CDE-RECERT exam questions notes and prepare exam with this practice test. Check below our updated PAM-CDE-RECERT exam dumps.

DumpsGroup are top class study material providers and our inclusive range of PAM-CDE-RECERT Real exam questions would be your key to success in CyberArk CyberArk CDE Certification Certification Exam in just first attempt. We have an excellent material covering almost all the topics of CyberArk PAM-CDE-RECERT exam. You can get this material in CyberArk PAM-CDE-RECERT PDF and PAM-CDE-RECERT practice test engine formats designed similar to the Real Exam Questions. Free PAM-CDE-RECERT questions answers and free CyberArk PAM-CDE-RECERT study material is available here to get an idea about the quality and accuracy of our study material.

discount banner

Sample Question 4

In a rule using “Privileged Session Analysis and Response” in PTA, which session optionsare available to configure as responses to activities?

A. Suspend, Terminate, None
B. Suspend, Terminate, Lock Account
C. Pause, Terminate, None
D. Suspend, Terminate

Sample Question 5

You are helping a customer prepare a Windows server for PSM installation. What isrequired for a successful installation?

A. Window 2012 KB4558843
B. Remote Desktop services (RDS) Session Host Roles
C. Windows 2016 KB4558843
D. Remote Desktop services (RDS) Session Broker

Sample Question 6

Which report shows the accounts that are accessible to each user?

A. Activity report
B. Entitlement report
C. Privileged Accounts Compliance Status report
D. Applications Inventory report

Sample Question 7

Which PTA sensors are required to detect suspected credential theft?

A. Logs, Vault Logs
B. Logs, Network Sensor, Vault Logs
C. Logs, PSM Logs, CPM Logs
D. Logs, Network Sensor, EPM

Sample Question 8

Ad-Hoc Access (formerly Secure Connect) provides the following features. Choose all thatapply.

A. PSM connections to target devices that are not managed by CyberArk.
B. Session Recording.
C. Real-time live session monitoring.
D. PSM connections from a terminal without the need to login to the PVWA.

Sample Question 9

You have been asked to design the number of PVWAs a customer must deploy. Thecustomer has three data centers with a distributed vault in each, requires high availability,and wants to use all vaults, at all times. How many PVWAs does the customer need?

A. six
B. four
C. two
D. three

Sample Question 10

The System safe allows access to the Vault configuration files.


Sample Question 11

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled forsome of the accounts in that safe. The members of the AD group UnixAdmins need to beable to use the show, copy, and connect buttons on those passwords at any time withoutconfirmation. The members of the AD group Operations Staff need to be able to use theshow, copy and connect buttons on those passwords on an emergency basis, but only withthe approval of a member of Operations Managers never need to be able to use the show,copy or connect buttons themselves.Which safe permission do you need to grant Operations Staff? Check all that apply.

A. Use Accounts
B. Retrieve Accounts
C. Authorize Password Requests
D. Access Safe without Authorization

Sample Question 12

The vault supports Subnet Based Access Control.


Sample Question 13

Which user is automatically added to all Safes and cannot be removed?

A. Auditor
B. Administrator
C. Master
D. Operator

Sample Question 14

In the Private Ark client, how do you add an LDAP group to a CyberArk group?

A. Select Update on the CyberArk group, and then click Add > LDAP Group
B. Select Update on the LDAP Group, and then click Add > LDAP Group
C. Select Member Of on the CyberArk group, and then click Add > LDAP Group
D. Select Member Of on the LDAP group, and then click Add > LDAP Group

Sample Question 15

Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords thatneed to be changed.

A. HeadStartInterval
B. Interval
C. ImmediateInterval
D. The CPM does not change the password under this circumstance

Sample Question 16

When Dual Control is enabled a user must first submit a request in the Password VaultWeb Access (PVWA) and receive approval before being able to launch a secureconnection via PSM for Windows (previously known as RDP Proxy).

A. True
B. False, a user can submit the request after the connection has already been initiated viathe PSM for Windows

Sample Question 17

A company requires challenge/response multi-factor authentication for PSMP sessions.Which server must you integrate with the CyberArk vault?


Sample Question 18

If the AccountUploader Utility is used to create accounts with SSH keys, which parameterdo you use to set the full or relative path of the SSH private key file that will be attached tothe account?

A. KeyPath
B. KeyFile
C. ObjectName
D. Address

Sample Question 19

You receive this error:“Error in changepass to user domain\user on domain server(\domain.(winRc=5) Access isdenied.”Which root cause should you investigate?

A. The account does not have sufficient permissions to change its own password.
B. The domain controller is unreachable.
C. The password has been changed recently and minimum password age is preventing thechange.
D. The CPM service is disabled and will need to be restarted.

Sample Question 20

Which of these accounts onboarding methods is considered proactive?

A. Accounts Discovery
B. Detecting accounts with PTA
C. A Rest API integration with account provisioning software
D. A DNA scan

Sample Question 21

In your organization the “click to connect” button is not active by default.How can this feature be activated?

A. Policies > Master Policy > Allow EPV transparent connections > Inactive
B. Policies > Master Policy > Session Management > Require privileged sessionmonitoring and isolation > Add Exception
C. Policies > Master Policy > Allow EPV transparent connections > Active
D. Policies > Master Policy > Password Management

Sample Question 22

In accordance with best practice, SSH access is denied for root accounts on UNIX/LINUXsystem. What is the BEST way to allow CPM to manage root accounts.

A. Create a privileged account on the target server. Allow this account the ability to SSHdirectly from the CPM machine. Configure this account as the Reconcile account of the target server’s root account.
B. Create a non-privileged account on the target server. Allow this account the ability toSSH directly from the CPM machine. Configure this account as the Logon account of thetarget server’s root account.
C. Configure the Unix system to allow SSH logins.
D. Configure the CPM to allow SSH logins.

Sample Question 23

Which item is an option for PSM recording customization?

A. Windows events text recorder with automatic play-back
B. Windows events text recorder and universal keystrokes recording simultaneously
C. Universal keystrokes text recorder with windows events text recorder disabled
D. Custom audio recording for windows events

Sample Question 24

When managing SSH keys, the CPM stores the Public Key

A. In the Vault
B. On the target server
C. A & B
D. Nowhere because the public key can always be generated from the private key.

Sample Question 25

A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activityand facilitating workflow processes, such as Dual Control.

A. True
B. False

Sample Question 26

The Accounts Feed contains:

A. Accounts that were discovered by CyberArk in the last 30 days
B. Accounts that were discovered by CyberArk that have not yet been onboarded
C. All accounts added to the vault in the last 30 days
D. All users added to CyberArk in the last 30 days

Sample Question 27

What is the configuration file used by the CPM scanner when scanning UNIX/Linuxdevices?

A. UnixPrompts.ini
B. plink.exe
C. dbparm.ini
D. PVConfig.xml

Sample Question 28

VAULT authorizations may be granted to_____.

A. Vault Users
B. Vault Groups
C. LDAP Users
D. LDAP Groups

Sample Question 29

Which certificate type do you need to configure the vault for LDAP over SSL?

A. the CA Certificate that signed the certificate used by the External Directory
B. a CA signed Certificate for the Vault server
C. a CA signed Certificate for the PVWA server
D. a self-signed Certificate for the Vault

Sample Question 30

To use PSM connections while in the PVWA, what are the minimum safe permissions auser or group will need?

A. List Accounts, Use Accounts
B. List Accounts, Use Accounts, Retrieve Accounts
C. Use Accounts
D. List Accounts, Use Accounts, Retrieve Accounts, Access Safe without confirmation

Sample Question 31

Which pre-requisite step must be completed before installing a Vault?

A. Join the server to the domain
B. install a clean operating system
C. install anti-virus software
D. Copy the master CD to a folder on the Vault server

Sample Question 32

When creating an onboarding rule, it will be executed upon .

A. All accounts in the pending accounts list
B. Any future accounts discovered by a discovery process
C. Both “All accounts in the pending accounts list” and “Any future accounts discovered bya discovery process”

Sample Question 33

Users who have the 'Access Safe without confirmation' safe permission on a safe whereaccounts are configured for Dual control, still need to request approval to use the account.


Sample Question 34

PTA can automatically suspend sessions if suspicious activities are detected in a privilegedsession, but only if the session is made via the CyberArk PSM.

A. True
B. False, the PTA can suspend sessions whether the session is made via the PSM or not

Exam Name: CyberArk CDE Recertification
Last Update: May 13, 2024
Questions: 207