CyberArk CDE Recertification

Here you have the best CyberArk PAM-CDE-RECERT practice exam questions

  • You have 100 total questions to study from
  • Each page has 5 questions, making a total of 20 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 17, 2024
Question 1 of 100

Before the hardening process, your customer identified a PSM Universal Connector executable that will be required to run on the PSM. Which file should you update to allow this to run?

    Correct Answer: A

    To allow a specific executable to run on the PSM, you need to update the AppLocker rules. The correct file to modify for this purpose is PSMConfigureAppLocker.xml, as it directly influences which executables are permitted to run on the PSM server.

Question 2 of 100

As Vault Admin, you have been asked to configure LDAP authentication for your organization's CyberArk users. Which permissions do you need to complete this task?

    Correct Answer: B

    To configure LDAP authentication for CyberArk users, you would need the ability to manage directory mappings, which allows you to connect CyberArk roles to the appropriate LDAP groups. This ensures that users are authenticated correctly based on their LDAP group memberships. Therefore, the permissions required would be Audit Users and Manage Directory Mapping.

Question 3 of 100

In the screenshot displayed, you just configured the usage in CyberArk and want to update its password.

What is the least intrusive way to accomplish this?

    Correct Answer: D

    The least intrusive way to update the password configured for usage in CyberArk is to use the 'reconcile' button on the parent account's details page. Reconciliation allows the system to ensure that the password in the vault is synchronized with the password on the target system without directly changing or modifying the existing password in an intrusive manner.

Question 4 of 100

DRAG DROP -

Arrange the steps to complete CPM Hardening for Out-of-Domain Deployment in the correct sequence.

    Correct Answer:

    To complete CPM Hardening for Out-of-Domain Deployment, the correct sequence of steps is as follows: 1. Locate the CPM_Hardening.ps1 script in the installation media. This is the initial step because you need to find the script before you can run it. 2. Open PowerShell as Administrator and run the script. Running the script requires administrative privileges to ensure it can make the necessary system changes. 3. Review the script log called HardeningScript log. This step involves checking the log file generated by the script to verify that the hardening process has completed correctly. 4. Review the script log called CYBRHardeningsecedit.log. This final step involves reviewing another log file to ensure that additional hardening steps have been correctly applied. This order is essential to ensure each step follows logically and that the hardening process is verified through log checks at the end.

Question 5 of 100

Which certificate type do you need to configure the vault for LDAP over SSL?

    Correct Answer: A

    To configure the vault for LDAP over SSL, you need the CA Certificate that signed the certificate used by the External Directory. This is because the Vault needs to validate and trust the certificate presented by the LDAP server, and importing the CA Certificate that signed the LDAP server's certificate is the proper way to establish this trust.