Examice

Exam PAM-CDE-RECERT All QuestionsBrowse all questions from this exam

Question 51

After installing the Vault, you need to allow Firewall Access for Windows Time service to sync with NTP servers 10.1.1.1 and 10.2.2.2.

What should you do?

Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes,123:outbound/udp.

Edit DBParm.ini to add: NTPServer=[10.1.1.1:123/UDP,10.2.2.2:123/UDP].

Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes:123,outbound/udp,123:inbound/udp.

Edit the Windows Firewall configuration to add a rule for Port 123/udp outbound to 10.1.1.1 and 10.2.2.2.

Correct Answer: D

To allow Firewall Access for Windows Time service to sync with NTP servers, you should edit the Windows Firewall configuration to add a rule for Port 123/udp outbound to 10.1.1.1 and 10.2.2.2. This ensures that the NTP protocol, which primarily uses UDP port 123 for time synchronization, can communicate with the specified servers through the firewall.

Discussion

dru0paOption: A

https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/following-vault-Installation.htm#Configur

43aa45aOption: A

AS it is UDP not TCP. The client will use dynamically allocated source ports for outgoing requests, and the firewall will allow responses from the servers automatically. Even it is UDP 123 for responses - by default for some old configurations settings. So only outbound communication is required.

MoneybagOption: A

A is the correct answer