CyberArk GUARD - CyberArk Guardian Exam
Page: 2 / 12
Total 59 questions
Question #6 (Topic: Exam A)
Client ABC is looking to enhance their email notifications. They've found that they have many platforms where they want to send differently worded notifications to different groups on the same safe.
How do they achieve this?
How do they achieve this?
A. Duplicate the platform, assign the accounts that need different notifications to a new platform, add multiple distribution lists.
B. Create a custom notification based on the group's permissions on the safe. Create a new notification template. Create a new recipient for each group.
C. Create a custom notification based on the user's permissions on the safe. Create a new recipient for each group.
D. This would only be possible by onboarding a copy of the account to CyberArk a 2nd time and configuring the platform notification settings.
Answer: B
Question #7 (Topic: Exam A)
Which list exported using Export Vault Data (EVD) can be used to determine what Safe permissions have been granted to the DR Users group?
A. SafesList
B. OwnersList
C. UsersList
D. DRSafeUserList
Answer: D
Question #8 (Topic: Exam A)
In your customers current environment the Administrators are using shared Admin accounts, the account passwords are set to never expire and stored in an excel sheet that each Admin keeps locally on their system.
How can your customer leverage CyberArk to secure the shared Admin accounts?
How can your customer leverage CyberArk to secure the shared Admin accounts?
A. Vault the shared accounts and allow the Administrators access to the accounts via CyberArk and enable one-time passwords and exclusive accounts.
B. Vault the shared accounts in CyberArk and enable one-time passwords and exclusive accounts. Create new shared accounts for the Administrators to use outside of CyberArk.
C. Vault the shared accounts and do not allow the Administrators to use the accounts in CyberArk.
D. Vault the shared accounts and allow the Administrators access to the accounts via CyberArk and enable manual password change.
Answer: A
Question #9 (Topic: Exam A)
Your customer has a hybrid infrastructure that also spans multiple cloud vendors and privately owned Data Centers. They have deployed CyberArk PAM in AWS, leveraging the CyberArk provided scripts. 80% of the customers infrastructure exists within privately owned Data Centers. The customer has availability concerns between the cloud provider and Data Center. They are cloud first and are slowly migrating their servers into the cloud.
Master policies settings Active:
+ Require dual control password access approval
+ Enforce check-in/check-out exclusive access
+ Require Password Change every 25 days
+ Require Password Verification every 7 Days
What is the appropriate recommendation for the customer?
Master policies settings Active:
+ Require dual control password access approval
+ Enforce check-in/check-out exclusive access
+ Require Password Change every 25 days
+ Require Password Verification every 7 Days
What is the appropriate recommendation for the customer?
A. Keep the deployment as is in AWS.
B. Deploy an active CPM to the privately owned Data Center.
C. Deploy a separate infrastructure in another cloud vendor.
D. Migrate the CPM to the privately owned Data Center.
Answer: B
Question #10 (Topic: Exam A)
Alice is granted ownership of a safe both through group-membership and by her userID.
With a default configuration, how does the Vault apply her safe authorizations?
With a default configuration, how does the Vault apply her safe authorizations?
A. The Vault applies the combination of Alice's userID-defined and group-defined authorizations.
B. The Vault applies Alice's group-defined authorizations.
C. The Vault applies Alice's userID-defined authorizations.
D. The Vault denies access to Alice.
Answer: A
