CAU302 CyberArk Defender + Sentry exact Exam Questions

CyberArk Defender + Sentry

Last Update 4 hours ago Total Questions : 237

The CyberArk Defender + Sentry content is now fully updated, with all current exam questions added 4 hours ago. Deciding to include CAU302 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CAU302 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CAU302 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CyberArk Defender + Sentry practice test comfortably within the allotted time.

Question # 21

Which of the following are secure options for storing the contents of the Operator CD. while still allowing the contents to be accessible upon a planned Vault restart? Choose alt that apply

Store the CD in a physical safe and mount the CD every time vault maintenance is performed.

Copy the contents of the CD to the System Safe on the vault

Copy the contents of the CD to a folder on the vault server and secure it with NTFS permissions.

Store the server key in a Hardware Security Module.

Store the server key in the Provider cache

Question # 22

What is the proper way to allow the Vault to resolve host names?

Define a DNS server.

Define a WINS server.

Define the local hosts file.

The Vault cannot resolve host names due to security standards.

Question # 23

Which combination of safe member permissions will allow End Users to log in to a remote machine

transparently but NOT show or copy the password?

Use Accounts, Retrieve Accounts, List Accounts

Use Accounts, List Accounts

Use Accounts

List Accounts, Retrieve Accounts

Question # 24

A Logon Account can be specified in the Master Policy

TRUE

FALSE

Question # 25

What is the primary purpose of Exclusive Accounts?

Reduced risk of credential theft

More frequent password changes

Non-repudiation (individual accountability)

To force a ‘collusion to commit’ fraud ensuring no single actor may use a password without authorization

Question # 26

It is possible to leverage DNA to provide discovery functions that are not available with auto-detection.

TRUE

FALSE

Question # 27

PTA can automatically suspend sessions in case of suspicious activities detected in a privileged session, only if the session is made via the CyberArk PSM.

True

False, the PTA can suspend sessions whether the session is made via the PSM or not

Question # 28

Which credentials does CyberArk use when managing a target account?

Those of the service account for the CyberArk Password Manager serviceD18912E1457D5D1DDCBD40AB3BF70D5D

A Domain Administrator account created for this purpose

The credentials of the target account

An account assigned by the Master Policy

Question # 29

The password upload utility must run from the CPM server.

TRUE

FALSE

Question # 30

When planning to load balance at least 2 PSM Servers in an "in-domain" deployment, is it required to move the PSMConnect and PSMAdminConnect users to the domain level?

Yes. but only the PSMConnect user must be moved to the domain.

No. this is the customers decision and will work with local or domain based users.

Yes, both PSMConnect and PSMAdminConnect users should be moved to the domain

No. both accounts must be left as local accounts.