[Jan-2022] Updated Defender - Sentry (Combined) CAU302 Exam Questions BUNDLE PACK
Master The CyberArk Content CAU302 EXAM DUMPS WITH GUARANTEED SUCCESS!
How much CAU302 Exam Cost
The price of the CAU302 exam is $200 USD.
NEW QUESTION 67
An auditor initiates a LIVE monitoring session to PSM server to view an ongoing LIVE session. When the auditor's machine makes an RDP connection the PSM server, which user will be used?
- A. PSMConnect
- B. Credentials Stored in the Vault for the Target Machine
- C. Shadowuser
- D. PSMAdminConnect
Answer: D
NEW QUESTION 68
Can ITALOG records be forwarded to the monitoring solution via Security Information and Event Management (SIEM) integration?
- A. No
- B. Yes
Answer: B
NEW QUESTION 69
The Vault needs to send SNMP traps to an SNMP solution. In which configuration file do you set the IP address of the SNMP solution?
- A. ENEConf.ini
- B. dbparm.ini
- C. my.ini
Configure Remote Monitoring
In the remote control agent configuration file, PARAgent.ini, specify the following parameters:
SNMPHostIP - The IP address of the remote computer where SNMP traps will be sent. Separate multiple IP addresses with a comma. - D. PARAgent.ini
Answer: D
NEW QUESTION 70
In Accounts Discovery, you can configure a Windows discovery to scan ___________.
- A. a number of OUs determined by the OUstoScan setting under the Accounts Feed section in the Administration tab.
- B. up to three OUs.
- C. as many OUs as you wish.
- D. only one OU.
Answer: D
NEW QUESTION 71
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted
__________________.
- A. the vault will not allow this situation to occur.
- B. only those permissions that exist in all groups to which the user belongs.
- C. the cumulative permissions of all the groups to which that user belongs
- D. only those permissions that exist on the group added to the safe first.
Answer: C
NEW QUESTION 72
When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.
- A. False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the padr.ini file.
- B. False, the Vault administrator must manually set the DR Vault to DR mode by setting "FailoverMode=no" in the dbparm.ini file.
- C. True, this is the default behavior.
- D. True, if the AllowFailback setting is set to "yes" in the padr.ini file.
Answer: A
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Initiating-DR- Failback-to-Production-Vault.htm
NEW QUESTION 73
If a transparent user belongs two different directory mappings, how does the system determine which user template to use?
- A. The system will grant all of the vault authorizations from the two templates.
- B. The system will use the template for the mapping listed first.
- C. The system will grant only the vault authorizations that are listed in both templates.
- D. The system will use the template for the mapping listed last.
Answer: B
NEW QUESTION 74
What is the purpose of EVD?
- A. To extract audit data from the vault.
- B. To extract vault metadata into an open database platform.
- C. To create a backup of the MySQL database.
- D. To allow editing of vault metadata.
Answer: A
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/Landing%20Pages/ lpExportVaultDataUtility.htm
NEW QUESTION 75
The Vault administrator can change the Vault license by uploading the new license to the system Safe.
- A. True
- B. False
Answer: A
NEW QUESTION 76
Which file would you modify to configure your Vault Server to forward Activity Logs to a SIEM or SYSLOG server?
- A. dbparm.ini
- B. ENEConf.ini
- C. PARagent.ini
- D. padr.ini
Answer: A
NEW QUESTION 77
Which service should NOT be running on the DR Vault when the primary Production Vault is up?
- A. CyberArk Vault Disaster Recovery (DR) service
- B. PrivateArk Database
- C. PrivateArk Server
- D. CyberArk Logical Container
Answer: C
NEW QUESTION 78
A Simple Network Management Protocol (SNMP) integration allows the Vault administrator to forward ITALOG records to a monitoring solution.
- A. True
- B. False
Answer: B
NEW QUESTION 79
How does the Vault administrator configure the CyberArk Disaster Recovery (DR) solution to perform automatic failover in case of failure in the Primary Vault?
- A. By setting "FailoverMode=yes" in the padr.ini file
- B. By setting "EnableFailover=yes" in the dbparm.ini file
- C. By setting "EnableFailover=yes" in the padr.ini file
- D. By setting "FailoverMode=yes" in the dbparm.ini file
Answer: C
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Distributed- Vaults-during-Vault-Failure.htm#_Ref462652176
NEW QUESTION 80
Using the SSH Key Manager it is possible to allow CPM to manage SSH Keys similarly to passwords.
- A. TRUE
- B. FALSE
Answer: A
NEW QUESTION 81
A Simple Mail Transfer Protocol (SMTP) integration is critical for monitoring Vault activity and facilitating workflow processes, such as Dual Control.
- A. True
- B. False
Answer: B
NEW QUESTION 82
When using multiple Central Policy Managers (CPM), which one of the following Safes is shared by all CPMs?
- A. PasswordManager_ADInternal
- B. PasswordManagerSharedSafe
- C. PasswordManager_workspace
- D. PasswordManager_Pending
Answer: B
NEW QUESTION 83
In accordance with best practice. SSH access is denied for root accounts on UNIX/LINUX systems. What is the BEST way to allow CPM to manage root accounts.
- A. Configure the Unix system to allow SSH logins.
- B. Create a non-privileged account on the target server Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account
- C. Create a privileged account on the target server Allow this account the ability to SSHdirectly from the CPM machineConfigure this account as the Reconcile account of the target server's root account.
- D. Configure the CPM to allow SSH logins
Answer: B
NEW QUESTION 84
You have associated a logon account to one of your UNIX root accounts in the vault. When attempting to verify the root account's password the CPM will...
- A. Ignore the logon account and attempt to log in as root.
- B. Log in first with the logon account, then run the su command to log in as root using the password in the vault.
- C. Prompt the end user with a dialog box asking for the login account to use.
- D. None of these.
Answer: C
NEW QUESTION 85
Which of the Following can be configured in the Master Policy? Choose all that apply.
- A. Ticketing Integration
- B. Password Reconciliation
- C. One Time Passwords
- D. Custom Connection Components
- E. Dual Control
- F. Required Properties
- G. Exclusive Passwords
- H. Password Aging Rules
Answer: C,D,E,H
NEW QUESTION 86
Ad-Hoc Access (formerly Secure Connect) provides the following features. (Choose all that apply.)
- A. PSM connections from a terminal without the need to login to the PVWA
- B. Real-time live session monitoring
- C. Session Recording
- D. PSM connections to target devices that are not managed by CyberArk
Answer: B,C,D
NEW QUESTION 87
Which of the following components can be used to create a tape backup of the Vault?
- A. Disaster Recovery
- B. Distributed Vaults
- C. High Availability
- D. Replicate
Answer: D
Explanation:
Explanation/Reference: https://cyberark-customers.force.com/s/article/00001864
NEW QUESTION 88
Which IP port and Protocol are used by the CyberArk Secure Proprietary Protocol?
- A. TCP/22
- B. UDP/1812
- C. TCP/1858
- D. TCP/636
Answer: C
NEW QUESTION 89
......
What is the duration of the CAU302 Exam
- Length of Examination: 90 minutes
- Passing Score: 70%
- Number of Questions: 40
- Format: Multiple choices, multiple answers
Pass CyberArk CAU302 Exam – Experts Are Here To Help You: https://www.realvce.com/CAU302_free-dumps.html