CAU302 Exam - Question 87

Question

All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. The members of the AD group

UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group

OperationsStaff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of OperationsManagers. The members of OperationsManagers never need to be able to use the show, copy or connect buttons themselves.

Which safe permissions do you need to grant to OperationsManagers? (Choose all that apply.)

Examice · Accepted Answer

The members of OperationsManagers need to approve requests for the OperationsStaff to use the show, copy, and connect buttons on the Unix root passwords. Therefore, they need the 'Authorize Password Requests' permission to grant this approval. They also need the 'List Accounts' permission to view the accounts they might need to authorize requests for. As they do not need to use, retrieve, or directly access the accounts themselves, the other permissions are unnecessary.

crazymonkey · Answer

The correct is CD

Ashes15 · Answer

Answer is D

Kaustav01 · Answer

Correct answer is ABCD

duracell · Answer

https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/NewUI/NewUI-Review-requests.htm?Highlight=Master%20user#Createanauthorizeduser

Scorpion23 · Answer

The correct answer is C and D
C = List Account, so that the group can view only the account 
D = To approve only requests. Since it is mentioned that OperationStaff need approval from the OperationsManager.

As mentioned they don't need to use and retrieve the account so the other options are out.

CAU302 Exam - Question 87

Discussion