CyberArk Defender

Here you have the best CyberArk CAU201 practice exam questions

  • You have 150 total questions to study from
  • Each page has 5 questions, making a total of 30 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 2, 2024
Question 1 of 150

If a user is a member of more than one group that has authorizations on a safe, by default that user is granted____________________.

    Correct Answer: D

    If a user is a member of more than one group that has authorizations on a safe, by default that user is granted the cumulative permissions of all the groups to which that user belongs. This means that the user will inherit all the permissions assigned to the various groups, rather than being limited to permissions from only one group.

Question 2 of 150

It is possible to control the hours of the day during which a user may long into the vault.

    Correct Answer: A

    It is possible to control the hours of the day during which a user may log into the vault. This feature is common in many security and access control systems to enhance security by restricting access to specific time frames.

Question 3 of 150

VAULT authorizations may be granted to ____________________. (Choose all that apply.)

    Correct Answer: A

    VAULT authorizations are typically granted to Vault Users. This means that individual users who have been added to the system can receive specific authorizations. The concept of granting authorizations primarily to individual users rather than groups or external entities like LDAP users aligns with common practices in access management for secure systems.

Question 4 of 150

What is the purpose of the Interval setting in a CPM policy?

    Correct Answer: A

    The purpose of the Interval setting in a Central Policy Manager (CPM) policy is to control how often the CPM looks for System Initiated CPM work. This setting determines the frequency with which the CPM checks for new tasks initiated by the system to manage tasks efficiently and ensure timely execution of automated password management processes.

Question 5 of 150

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group

UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group

OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers. The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.

Which safe permissions do you need to grant to OperationsStaff? (Choose all that apply.)

    Correct Answer: A, B

    To meet the requirements for OperationsStaff, both 'Use Accounts' and 'Retrieve Accounts' permissions are necessary. 'Use Accounts' is required for connecting to the servers using PSM (Privileged Session Manager), and 'Retrieve Accounts' is required to show and copy passwords. While 'List Accounts' may assist in viewing accounts in the safe, it is not directly indicated as necessary based on the requirements specified. 'Authorize Password Requests' and 'Access Safe without Authorization' are not necessary for OperationsStaff to use the show, copy, and connect functions as described.