Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?
Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?
To have an account checked out by one user for a pre-determined amount of time, both 'Enforce check-in/check-out exclusive access' and 'Enforce one-time password access' settings must be active. The 'Enforce check-in/check-out exclusive access' rule ensures that once a password is checked out, no one else can access it until it is checked back in, maintaining exclusive access. The 'Enforce one-time password access' rule restricts the password use to a single session or user, ensuring a single user can check out the account securely for the specified period.
Answer is D regarding PAM Exam.
Correct Answer is D according to CyberArk Defender Sample exam.
D is correct. Here the key point is to know that using one-time password restricts access to a single user. And the question asks for one user which has the same meaning.
To achieve automatic release of locked passwords and full personal accountability, enable this rule along with the Enforce one-time password access rule. https://docs.cyberark.com/Product-Doc/OnlineHelp/PrivCloud/Latest/en/Content/Privilege%20Cloud/privCloud-master-policy-rules.htm#Enforce
Answer D