[2023] CAU201 PDF Questions - Perfect Prospect To Go With Dumpexams Practice Exam [Q59-Q80]

[2023] CAU201 PDF Questions - Perfect Prospect To Go With Dumpexams Practice Exam

CyberArk CAU201 Pdf Questions - Outstanding Practice To your Exam

CyberArk Defender exam is a comprehensive certification program that requires individuals to demonstrate their knowledge and skills in a variety of areas. CAU201 exam consists of multiple-choice questions that cover a range of topics, including the CyberArk Privileged Access Security Solution, CyberArk Privileged Session Manager, and CyberArk Endpoint Privilege Manager. CAU201 exam also covers security policies and procedures, as well as best practices for managing privileged accounts.

CyberArk Defender certification exam (CAU201) is a popular certification exam for professionals who are looking to establish themselves as experts in CyberArk technology. CyberArk Defender certification is designed for individuals who have a deep understanding of CyberArk and its products and have the ability to implement and manage CyberArk solutions. CyberArk Defender certification exam is designed to test the knowledge and skills of individuals in various areas of CyberArk technology.

 

NEW QUESTION # 59
In a default CyberArk installation, which group must a user be a member of to view the "reports" page in PVWA?

• A. PVWAReports
• B. Operators
• C. PVWAMonitor
• D. ReportUsers

Answer: C

NEW QUESTION # 60
How does the Vault administrator apply a new license file?

• A. Upload the license.xml file to the system Safe and restart the PrivateArk Server service
• B. Upload the license.xml file to the Vault Internal Safe and restart the PrivateArk Server service
• C. Upload the license.xml file to the system Safe
• D. Upload the license.xml file to the Vault Internal Safe

Answer: C

NEW QUESTION # 61
Which combination of Safe member permissions will allow end users to log in to a remote machine transparently but NOT show or copy the password?

• A. List Accounts, Retrieve Accounts
• B. Use Accounts, List Accounts
• C. Use Accounts, Retrieve Accounts, List Accounts
• D. Use Accounts

Answer: A

NEW QUESTION # 62
A Reconcile Account can be specified in the Master Policy.

• A. TRUE
• B. FALSE

Answer: B

NEW QUESTION # 63
Secure Connect provides the following. Choose all that apply.

• A. PSM connections to target devices that are not managed by CyberArk.
• B. PSM connections from a terminal without the need to login to the PVWA
• C. Real-time live session monitoring.
• D. Session Recording

Answer: A,D

NEW QUESTION # 64
Which utilities could you use to change debugging levels on the vault without having to restart the vault. Select all that apply.

• A. Edit DBParm.ini in a text editor.
• B. Setup.exe
• C. PrivateArk Server Central Administration
• D. PAR Agent

Answer: C,D

Explanation:
PAR-Private Ark Remote Control Agent allows you to perform several Vault admin tasks (without restarting the Vault) and view machine statistics.

NEW QUESTION # 65
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?

• A. PVConfig.xml
• B. plink.exe
• C. dbparm.ini
• D. UnixPrompts.ini

Answer: D

NEW QUESTION # 66
You receive this error:
"Error in changepass to user domain\user on domain server(\domain.(winRc=5) Access is denied." Which root cause should you investigate?

• A. The domain controller is unreachable.
• B. The account does not have sufficient permissions to change its own password.
• C. The password has been changed recently and minimum password age is preventing the change.
• D. The CPM service is disabled and will need to be restarted.

Answer: B

NEW QUESTION # 67
Time of day or day of week restrictions on when password verifications can occur configured in
____________________.

• A. The Master Policy
• B. The Account Details
• C. The Platform settings
• D. The Safe settings

Answer: C

Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying- Passwords.htm

NEW QUESTION # 68
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

• A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM
  machine. Configure this account of the target server's root account.
• B. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the
  CPM machine. Configure this account as the Logon account of the target server's root account.
• C. Configure the Unix system to allow SSH logins.
• D. Configure the CPM to allow SSH logins.

Answer: B

NEW QUESTION # 69
Which of the following PTA detections are included in the Core PAS offering?

• A. Golden Ticket
• B. Suspected Credential Theft
• C. Unmanaged Privileged Access
• D. Over-Pass-The Hash

Answer: C

Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PTA/What-Does-PTA- Detect.htm

NEW QUESTION # 70
You have associated a logon account to one of your UNIX root accounts in the vault. When attempting to change the root account's password the CPM will...

• A. None of these.
• B. Log in to the system as the logon account, run the su command to log in as root, and then change root's password.
• C. Log in to the system as root, then change root's password.
• D. Log in to the system as the logon account, then change root's password

Answer: C

NEW QUESTION # 71
Which usage can be added as a service account platform?

• A. PowerShell Libraries
• B. IIS Application Pools
• C. Kerberos Tokens
• D. Loosely Connected Devices

Answer: D

NEW QUESTION # 72
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)

• A. PSMConnect must be added as a local user on the target server
• B. The PSM software must be instated on the target server
• C. RDP must be enabled on the target server
• D. PSM must be enabled in the Master Policy (either directly, or through exception)

Answer: B,D

NEW QUESTION # 73
What is the purpose of the PrivateArk Database service?

• A. Maintains Vault metadata
• B. Executes password changes
• C. Communicates with components
• D. Sends email alerts from the Vault

Answer: A

NEW QUESTION # 74
In the Private Ark client, how do you add an LDAP group to a CyberArk group?

• A. Select Update on the CyberArk group, and then click Add > LDAP Group
• B. Select Member Of on the LDAP group, and then click Add > LDAP Group
• C. Select Update on the LDAP Group, and then click Add > LDAP Group
• D. Select Member Of on the CyberArk group, and then click Add > LDAP Group

Answer: B

NEW QUESTION # 75
You are creating a new Rest API user that utilizes CyberArk Authentication.
What is a correct process to provision this user?

• A. Private Ark Client > Tools > Administrative Tools > Directory Mapping > Add
• B. Private Ark Client > Tools > Administrative Tools > Users and Groups > New > User
• C. PVWA > User Provisioning > LDAP Integration > Add Mapping
• D. PVWA > User Provisioning > Users and Groups > New > User

Answer: A

NEW QUESTION # 76
Which item is an option for PSM recording customization?

• A. Windows events text recorder and universal keystrokes recording simultaneously
• B. Universal keystrokes text recorder with windows events text recorder disabled
• C. Windows events text recorder with automatic play-back
• D. Custom audio recording for windows events

Answer: D

NEW QUESTION # 77
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.

• A. Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.
• B. On the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization.
• C. Create an exception to the Master Policy to exclude the group from the workflow process.
• D. On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.

Answer: C

Explanation:
Explanation/Reference:
Reference: https://www.reddit.com/r/CyberARk/comments/6270zr/dual_control_on_specific_accounts/

NEW QUESTION # 78
You need to recover an account localadmin02 for target server 10.0.123.73 stored in Safe Team1.
What do you need to recover and decrypt the object? (Choose three.)

• A. Recovery Private Key
• B. Recovery Public Key
• C. Vault data
• D. Recover.exe
• E. Master Password
• F. Server Key

Answer: A,B,F

NEW QUESTION # 79
In order to connect to a target device through PSM, the account credentials used for the connection must be stored in the vault?

• A. False. Because if credentials are not stored in the vault, the PSM will log into the target device as PSM Connect.
• B. True.
• C. False. Because the user can also enter credentials manually using Secure Connect.
• D. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.

Answer: D

NEW QUESTION # 80
......

Online Questions - Outstanding Practice To your CAU201 Exam: https://www.dumpexams.com/CAU201-real-answers.html

Practice To CAU201 - Dumpexams Remarkable Practice On your CyberArk Defender Exam: https://drive.google.com/open?id=1r-yFrw1xRsDvO3qbGebL3kUn5zg9alP3