A particular user in company ABC requires the ability to run any application with administrative privileges every day that they log in to their systems for a total duration of 5 working days.
What is the correct solution that an EPM admin can implement?
An EPM admin can generate a JIT access and elevation policy with a temporary access timeframe set to 120 hours. This solution directly addresses the requirement of enabling administrative privileges for a continuous duration of 5 working days (120 hours), allowing the necessary applications to be run with administrative privileges throughout that period. Other options either involve unnecessary steps or do not meet the specified duration precisely.
A is correct because as JIT we can create in Application advance policy, not user JIT policy with a time frame of 120 HRS
Looks like the maximum temporary access length according to the CA docs is between 1h and 72hrs. https://docs.cyberark.com/epm/latest/en/Content/Policies/JITElevationAdmin-NewUI.htm#CreateaJITpolicy
The answer could be A because in B is mentioned: Terminate administrative processes when the policy expires option unchecked. If you want to terminate administrative processes the option has to be checked.