Here you have the best CyberArk CAU201 practice exam questions
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted____________________.
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted the cumulative permissions of all the groups to which that user belongs. This means that the user will inherit all the permissions assigned to the various groups, rather than being limited to permissions from only one group.
It is possible to control the hours of the day during which a user may long into the vault.
It is possible to control the hours of the day during which a user may log into the vault. This feature is common in many security and access control systems to enhance security by restricting access to specific time frames.
VAULT authorizations may be granted to ____________________. (Choose all that apply.)
VAULT authorizations are typically granted to Vault Users. This means that individual users who have been added to the system can receive specific authorizations. The concept of granting authorizations primarily to individual users rather than groups or external entities like LDAP users aligns with common practices in access management for secure systems.
What is the purpose of the Interval setting in a CPM policy?
The purpose of the Interval setting in a Central Policy Manager (CPM) policy is to control how often the CPM looks for System Initiated CPM work. This setting determines the frequency with which the CPM checks for new tasks initiated by the system to manage tasks efficiently and ensure timely execution of automated password management processes.
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group
UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group
OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers. The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.
Which safe permissions do you need to grant to OperationsStaff? (Choose all that apply.)
To meet the requirements for OperationsStaff, both 'Use Accounts' and 'Retrieve Accounts' permissions are necessary. 'Use Accounts' is required for connecting to the servers using PSM (Privileged Session Manager), and 'Retrieve Accounts' is required to show and copy passwords. While 'List Accounts' may assist in viewing accounts in the safe, it is not directly indicated as necessary based on the requirements specified. 'Authorize Password Requests' and 'Access Safe without Authorization' are not necessary for OperationsStaff to use the show, copy, and connect functions as described.