合格させるCyberArk CAU201試験には保証が付きます。更新されたのは179問があります [Q107-Q130]

合格させるCyberArk CAU201試験には保証が付きます。更新されたのは179問があります

最新のCAU201合格保証付き試験問題集の認定サンプル問題

CyberArk CAU201（CyberArk Defender）認定試験は、組織内で機密データと特権アカウントを保護する責任がある専門家のスキルと知識をテストするために設計されています。この試験は、CyberArkの特権アクセスセキュリティソリューションに焦点を当て、パスワード管理、セッション管理、脅威検知および対応、およびインフラ管理などのトピックをカバーしています。

 

質問 # 107
The primary purpose of exclusive accounts is to ensure non-repudiation (individual accountability).

• A. FALSE
• B. TRUE

正解：B

質問 # 108
What is the configuration file used by the CPM scanner when scanning UNIX/Linux devices?

• A. plink.exe
• B. dbparm.ini
• C. PVConfig.xml
• D. UnixPrompts.ini

正解：D

質問 # 109
It is possible to restrict the time of day, or day of week that a [b]verify[/b] process can occur

• A. FALSE
• B. TRUE

正解：B

解説：
Password verification can be restricted to specific days. This means that the CPM will only verify passwords on the days of the week specified in the VFExecutionDays parameter. The days of the week are represented by the first 3 letters of the name of the day. Sunday is represented by Sun, Monday by Mon, etc.

質問 # 110
Which parameter controls how often the CPM looks for Soon-to-be-expired Passwords that need to be
changed.

• A. Interval
• B. The CPM does not change the password under this circumstance
• C. HeadStartInterval
• D. ImmediateInterval

正解：D

質問 # 111
For each listed prerequisite, identify if it is mandatory or not mandatory to run the PSM Health Check.

正解：

解説：

質問 # 112
What is the easiest way to duplicate an existing platform?

• A. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform, manually update the platform settings and click "Save as" INSTEAD of save to duplicate and rename the platform.
• B. From PrivateArk, copy/paste the appropriate settings in PVConfiguration.xml; then update the policyName variable.
• C. From PrivateArk, copy/paste the appropriate Policy.ini file; then rename it.
• D. From the PVWA, navigate to the platforms page, select an existing platform that is similar to the new target account platform and then click Duplicate; name the new platform.

正解：A

質問 # 113
The System safe allows access to the Vault configuration files.

• A. TRUE
• B. FALSE

正解：B

質問 # 114
You have associated a logon account to one of your UNIX root accounts in the vault. When attempting to
change the root account's password the CPM will...

• A. Log in to the system as root, then change root's password.
• B. Log in to the system as the logon account, then change root's password
• C. Log in to the system as the logon account, run the su command to log in as root, and then change root's
  password.
• D. None of these.

正解：A

質問 # 115
Match the log file name with the CyberArk Component that generates the log.

正解：

解説：

質問 # 116
What is the maximum number of levels of authorization you can set up in Dual Control?

• A. 0
• B. 1
• C. 2
• D. 3

正解：B

質問 # 117
SAFE Authorizations may be granted to____________.
Select all that apply.

• A. LDAP Groups
• B. Vault Users
• C. LDAP Users
• D. Vault Group

正解：A

質問 # 118
Accounts Discovery allows secure connections to domain controllers.

• A. TRUE
• B. FALSE

正解：B

解説：
Explanation/Reference:

質問 # 119
The vault supports Role Based Access Control.

• A. TRUE
• B. FALSE

正解：B

解説：
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Object-Level- Access-Control.htm

質問 # 120
PSM captures a record of each command that was executed in Unix.

• A. FALSE
• B. TRUE

正解：B

質問 # 121
You received a notification from one of your CyberArk auditors that they are missing Vault level audit permissions. You confirmed that all auditors are missing the Audit Users Vault permission.
Where do you update this permission for all auditors?

• A. Private Ark Client > Tools > Administrative Tools > Directory Mapping > Vault Authorizations
• B. PVWA> Administration > Configuration Options > LDAP integration > Vault Auditors Mapping > Vault Authorizations
• C. Private Ark Client > Tools > Administrative Tools > Users and Groups > Auditors > Authorizations tab
• D. PVWA User Provisioning > LDAP integration > Vault Auditors Mapping > Vault Authorizations

正解：C

質問 # 122
Which of the following statements are NOT true when enabling PSM recording for a target Windows server? (Choose all that apply)

• A. PSMConnect must be added as a local user on the target server
• B. PSM must be enabled in the Master Policy (either directly, or through exception)
• C. The PSM software must be instated on the target server
• D. RDP must be enabled on the target server

正解：B、C

質問 # 123
What is the purpose of the HeadStartlnterval setting m a platform?

• A. It instructs the AIM Provider to 'skip the cache' during the defined time period
• B. It determines how far in advance audit data is collected tor reports
• C. It alerts users of upcoming password changes x number of days before expiration.
• D. It instructs the CPM to initiate the password change process X number of days before expiration.

正解：D

解説：
Explanation
The number of days before the password expires (according to the ExpirationPeriod parameter) that the CPM will initiate a password change process. This parameter is not relevant if the policy will be applied to a member of an account group.

質問 # 124
What is the primary purpose of Dual Control?

• A. Non-repudiation (individual accountability)
• B. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization.
• C. More frequent password changes
• D. Reduced risk of credential theft

正解：B

解説：
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Dual-
Control.htm

質問 # 125
Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.

• A. TRUE
• B. FALSE

正解：B

解説：
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/MESSAGES/Password
%20Vault%20Web%20Access%20Messages-%20General.htm

質問 # 126
The Accounts Feed contains:

• A. Accounts that were discovered by CyberArk that have not yet been onboarded
• B. Accounts that were discovered by CyberArk in the last 30 days
• C. All accounts added to the vault in the last 30 days
• D. All users added to CyberArk in the last 30 days

正解：B

解説：
Explanation

質問 # 127
In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

• A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account of the target server's root account.
• B. Configure the CPM to allow SSH logins.
• C. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account.
• D. Configure the Unix system to allow SSH logins.

正解：C

質問 # 128
Which PTA sensors are required to detect suspected credential theft?

• A. Logs, PSM Logs, CPM Logs
• B. Logs, Network Sensor, EPM
• C. Logs, Vault Logs
• D. Logs, Network Sensor, Vault Logs

正解：C

質問 # 129
Your customer, ACME Corp, wants to store the Safes Data in Drive D instead of Drive C.
Which file should you edit?

• A. user.ini
• B. TSparm.ini
• C. Vault.ini
• D. DBparm.ini

正解：B

質問 # 130
......

最新CAU201テスト材料には有効なCAU201テストエンジン：https://www.jpntest.com/shiken/CAU201-mondaishu