Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

CAU302 CyberArk Defender + Sentry Free Practice Exam Questions (2025 Updated)

Prepare effectively for your CyberArk CAU302 CyberArk Defender + Sentry certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

CyberArk CAU302 Premium Access     Download Demo    
Page: 3 / 4
Total 237 questions

A SIEM integration allows you to forward ITALOG records to a monitoring solution.

A.

TRUE

B.

FALSE

What is the process to remove object level access control from a Safe?

A.

Uncheck the 'Enable Object Level Access Control' on the Safe Details page in the PVWA.

B.

Uncheck the 'Enable Object Level Access Control' box in the Safe Properties in PrivateArk.

C.

This cannot be done.

D.

Remove all ACLs from the Safe.

When a group is granted the ‘Authorize Account Requests’ permission on a safe Dual Control requests must

be approved by:

A.

Any one person from that group

B.

Every person from that group

C.

The number of persons specified by the Master Policy

D.

That access cannot be granted to groups

When a DR Vault Server becomes an active vault, it will automatically revert back to DR mode once the Primary Vault comes back online.

A.

True, this is the default behavior.

B.

False, the Vault administrator must manually set the DR Vault to DR mode by setting “FailoverMode=no” in the padr.ini file.

C.

True, if the AllowFailback setting is set to “yes” in the padr.ini file.

D.

False, the Vault administrator must manually set the DR Vault to DR mode by setting “FailoverMode=no” in the dbparm.ini file.

When planning to load balance at least 2 PSM Servers in an "in-domain" deployment, is it required to move the PSMConnect and PSMAdminConnect users to the domain level?

A.

Yes. but only the PSMConnect user must be moved to the domain.

B.

No. this is the customers decision and will work with local or domain based users.

C.

Yes, both PSMConnect and PSMAdminConnect users should be moved to the domain

D.

No. both accounts must be left as local accounts.

Which type of automatic remediation can be performed by the PTA in case of a suspected credential theft security event?

A.

Password change

B.

Password reconciliation

C.

Session suspension

D.

Session termination

Which of the following statements are NOT true when enabling PSM recording for a target Windows server? Choose all that apply

A.

The PSM software must be installed on the target server

B.

PSM must be enabled in the Master Policy {either directly, or through exception).

C.

PSMConnect must be added as a local user on the target server

D.

RDP must be enabled on the target server

The PSM requires the Remote Desktop Web Access role service.

A.

True

B.

False

After the Vault administrator configures syslog integration on the Vault, the Vault will be able to.

A.

forward ITALOG records to Security Information and Event Management (SIEM).

B.

send out Simple Network Management Protocol (SNMP) traps.

C.

forward audit records to Security Information and Event Management (SIEM).

D.

forward emails to SIEM.

What is the purpose of the Allowed Safes parameter in a CPM policy? Select all that apply.

A.

To improve performance by reducing CPU workload.

B.

To prevent accidental use of a policy in the wrong safe.

C.

To allow users to access only the passwords they should be able to access.

D.

To enforce Least Privilege in CyberArk.

A user has successfully conducted a short PSM session and logged off. However, the user cannot access the Monitoring tab to view the recordings. What is the issue?

A.

The user must login as PSMAdminConnect.

B.

The PSM service is not running.

C.

The user is not a member of the PVWAMonitor group.

D.

The user is not a member of the Auditors group.

Can ITALOG records be forwarded to the monitoring solution via Security Information and Event Management (SIEM) integration?

A.

Yes

B.

No

When managing SSH keys. CPM automatically pushes the Public Key to the target system.

A.

TRUE

B.

FALSE

One time passwords reduce the risk of Pass the Hash vulnerabilities in Windows

A.

TRUE

B.

FALSE

What is the purpose of a password group?

A.

To ensure that a particular collection of accounts all have the same password

B.

To ensure a particular set of accounts all change at the same time

C.

To connect the CPM to a target system

D.

To allow more than one account to work together as part of a password management process

According to the default web options settings, which group grants access to the reports page?

A.

PVWAMonitor

B.

PVWAUsers

C.

Auditors

D.

Vault administrators

Which of the following are secure options for storing the contents of the Operator CD. while still allowing the contents to be accessible upon a planned Vault restart? Choose alt that apply

A.

Store the CD in a physical safe and mount the CD every time vault maintenance is performed.

B.

Copy the contents of the CD to the System Safe on the vault

C.

Copy the contents of the CD to a folder on the vault server and secure it with NTFS permissions.

D.

Store the server key in a Hardware Security Module.

E.

Store the server key in the Provider cache

The password upload utility must run from the CPM server.

A.

TRUE

B.

FALSE

To support a fault tolerant and high-availability architecture, the Password Vault Web Access (PVWA) servers must to be configured to communicate with the Primary Vault and Satellite Vaults. Which file needs to be changed on the PVWA to enable this setup?

A.

Vault.ini

B.

dbparm.ini

C.

pvwa.ini

D.

Satellite.ini

Vault admins must manually add the auditors group to newly created safes so auditors will have sufficient access to run reports.D18912E1457D5D1DDCBD40AB3BF70D5D

A.

TRUE

B.

FALSE

CyberArk CAU302 Premium Access     Download Demo    
Page: 3 / 4
Total 237 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved