[Nov 19, 2021] Prepare For The CAU201 Question Papers In Advance
CAU201 PDF Dumps Real 2021 Recently Updated Questions
Certification Path
Valid Trustee Certification is prerequisite for this exam. Completion will give CyberArk Defender status.
NEW QUESTION 19
You have associated a logon account to one your UNIX cool accounts in the vault. When attempting to [b]change [/b] the root account's password the CPM will.....
- A. None of these
- B. Log in to the system as root, then change root's password
- C. Log in to the system as the logon account, run the su command to log in as root, and then change root's password.
- D. Log in to the system as the logon account, then change roofs password
Answer: C
NEW QUESTION 20
PTA can automatically suspend sessions if suspicious activities are detected in a privileged session, but only if the session is made via the CyberArk PSM.
- A. False, the PTA can suspend sessions whether the session is made via the PSM or not
- B. True
Answer: A
NEW QUESTION 21
tsparm.ini is the main configuration file for the Vault.
- A. False
- B. True
Answer: A
NEW QUESTION 22
All of your Unix root passwords are stored in the safe UnixRoot. Dual control is enabled for some of the accounts in that safe. Themembers of the AD group UnixAdmins need to be able to use the show, copy, and connect buttons on those passwords at any time without confirmation. The members of the AD group Operations Staff need to be able to use the show, copy and connect buttons on those passwords on an emergency basis, but only with the approval of a member of Operations Managers never need to be able to use the show, copy or connect buttons themselves.
Which safe permission do you need to grant Operations Staff? Check all that apply.
- A. Retrieve Accounts
- B. Authorize Password Requests
- C. Use Accounts
- D. Access Safe without Authorization
Answer: A
NEW QUESTION 23
When Dual Control is enabled a user must first submit a request in the Password Vault Web Access (PVWA) and receive approval before being able to launch a secure connection via PSM for Windows (previously known as RDP Proxy).
- A. False, a user can submit the request after the connection has already been initiated via the PSM for Windows
- B. True
Answer: A
NEW QUESTION 24
SAFE Authorizations may be granted to____________.
Select all that apply.
- A. Vault Group
- B. LDAP Users
- C. LDAP Groups
- D. Vault Users
Answer: A,B,C,D
NEW QUESTION 25
Target account platforms can be restricted to accounts that are stored in specific Safes using the AllowedSafes property.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 26
As long as you are a member of the Vault Admins group you can grant any permission on any safe.
- A. FALSE
- B. TRUE
Answer: A
Explanation:
Explanation
Being in Vault admins group only give you access to safes which are created during installation (safe created in installation process ) -This is clearly mentioned in documents .
NEW QUESTION 27
Customers who have the 'Access Safe without confirmation' safe permission on a safe where accounts are configured for Dual control, still need to request approval to use the account.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION 28
Which of the following files must be created or configured m order to run Password Upload Utility? Select all that apply.
- A. A comma delimited upload file
- B. Vault.ini
- C. PACli.ini
- D. conf.ini
Answer: A,B,D
NEW QUESTION 29
Time of day or day of week restrictions on when password verifications can occur configured in ____________________.
- A. The Platform settings
- B. The Master Policy
- C. The Account Details
- D. The Safe settings
Answer: A
NEW QUESTION 30
What is the purpose of the Immediate Interval setting in a CPM policy?
- A. To control how long the CPM rests between password changes.
- B. To control how often the CPM looks for User Initiated CPM work.
- C. To control how often the CPM looks for System Initiated CPM work.
- D. To control the maximum amount of time the CPM will wait for a password change to complete.
Answer: A
NEW QUESTION 31
In order to connect to a target device through PSM, the account credentials used for the connection must be
stored in the vault?
- A. False. Because if credentials are not stored in the vault, the PSM will log into the target device as
PSMConnect. - B. False. Because if credentials are not stored in the vault, the PSM will prompt for credentials.
- C. False. Because the user can also enter credentials manually using Secure Connect.
- D. True.
Answer: C
NEW QUESTION 32
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.
- A. FALSE
- B. TRUE
Answer: B
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Managing-the- CyberArk-License.htm
NEW QUESTION 33
If a user is a member of more than one group that has authorizations on a safe, by default that user is granted____________________.
- A. the cumulative permissions of all the groups to which that user belongs.
- B. only those permissions that exist in all groups to which the user belongs.
- C. the vault will not allow this situation to occur.
- D. only those permissions that exist on the group added to the safe first.
Answer: D
NEW QUESTION 34
The Accounts Feed contains:
- A. Accounts that were discovered by CyberArk in the last 30 days
- B. All users added to CyberArk in the last 30 days
- C. All accounts added to the vault in the last 30 days
- D. Accounts that were discovered by CyberArk that have not yet been onboarded
Answer: A
NEW QUESTION 35
For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval.
- A. Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.
- B. Create an exception to the Master Policy to exclude the group from the workflow process.
- C. On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.
- D. On the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization.
Answer: B
Explanation:
Explanation/Reference: https://www.reddit.com/r/CyberARk/comments/6270zr/dual_control_on_specific_accounts/
NEW QUESTION 36
Which utilities could you use to change debugging levels on the vault without having to restart the vault.
Select all that apply.
- A. Setup.exe
- B. PAR Agent
- C. Edit DBParm.ini in a text editor.
- D. PrivateArk Server Central Administration
Answer: B
NEW QUESTION 37
Match the log file name with the CyberArk Component that generates the log.
Answer:
Explanation:
NEW QUESTION 38
......
Understanding functional and technical aspects of CyberArk Ongoing Maintenance
The following will be discussed in the CAU-201 dumps:
- Ensure each component is operational
- Resync a credential file by running createcredfile manually on the command line
- Restore DR to normal operation after a failover
- Identify the log files for each component
- Create or Upvote an ER
- Restore an object to the vault from a PAReplicate Backup
- Open a support case with appropriate description and severity
- Assemble necessary log files for submission to a case (X-RAY)
- Backup Vault Data with PAReplicate
- Identify and locate component configuration files
CAU201 Dumps and Practice Test (114 Exam Questions): https://www.bootcamppdf.com/CAU201_exam-dumps.html
Released CyberArk CAU201 Updated Questions PDF: https://drive.google.com/open?id=1pXkHNPiMtnu-FOfZdrgTnIz_exH0SiJB