Examice

Exam ACCESS-DEF All QuestionsBrowse all questions from this exam

Question 7

Refer to the exhibit.

Which statements are correct regarding this Authentication Policy? (Choose two.)

Users will still be asked for their MFA even if they mistyped their username.

If users have set up CyberArk Mobile Authenticator as an MFA, they will still receive the Push Notification to confirm the request even if they mistyped their password.

Users will not be notified which challenge they failed if their login attempt failed.

If users have set up a Security Question as an MFA, the Security Question will not be displayed to the user to answer even if they mistyped their password.

If the first factor is password and the user is an Active Directory user and the Active Directory is unavailable, this setting does not matter because the user will not be able to authenticate through Active Directory credentials and will see the message "Active Directory not available".

Correct Answer: B, E

The setting 'Continue with additional challenges after failed challenge' in the Authentication Policy indicates that even if the initial challenge (e.g., password) fails, subsequent challenges (MFA) will continue to be presented to the user. Therefore, if users have set up the CyberArk Mobile Authenticator as an MFA, they will still receive the push notification even if they mistyped their password. Also, if the first factor is a password and the user is an Active Directory user but Active Directory is unavailable, the user will not be able to authenticate using Active Directory credentials and will see the message 'Active Directory not available,' making the setting irrelevant in this scenario.

Discussion

oswaldekOptions: BC

B,C - correct https://docs.cyberark.com/Identity/Latest/en/Content/CoreServices/Authenticate/MFAFirstFail.htm?Highlight=%22Continue%20with%20additional%20challenges%20after%20failed%20challenge%22