2023 Valid CAU201 Exam Updates - 2023 Study Guide
CAU201 Certification - The Ultimate Guide [Updated 2023]
CyberArk CAU201 (CyberArk Defender) exam is a certification that focuses on the protection of privileged access within an organization. It is designed for cybersecurity professionals who are responsible for managing and securing privileged accounts, credentials, and secrets. CAU201 exam is vendor-neutral, meaning that it is not specific to any particular technology stack or product.
Understanding functional and technical aspects of CyberArk Security and Audit
The following will be discussed in the CAU-201 exam dumps:
- Configure a Response to Unmanaged Credentials
- Configure Automatic Session Termination
- Grant appropriate permission to allow users to run reports
- Understand the purpose of EVD
- Describe all reports and what information they give a user
- Configure email alerts in PTA
- Utilize safe permissions to limit the scope of reports for specific users
- Configure a Response to Credential Theft
- Describe the various PTA detections
NEW QUESTION # 44
Which is the primary purpose of exclusive accounts?
- A. Non-repudiation (individual accountability)
- B. To force a 'collusion to commit' fraud ensuring no single actor may use a password without authorization
- C. More frequent password changes
- D. Reduced risk of credential theft
Answer: A
NEW QUESTION # 45
Match the log file name with the CyberArk Component that generates the log.
Answer:
Explanation:
NEW QUESTION # 46
What is the purpose of the CyberArk Event Notification Engine service?
- A. It sends email messages from the Vault
- B. It processes audit report messages
- C. It sends email messages from the Central Policy Manager (CPM)
- D. It makes Vault data available to components
Answer: D
NEW QUESTION # 47
Within the Vault each password is encrypted by:
- A. the server key
- B. the recovery private key
- C. the recovery public key
- D. its own unique key
Answer: D
NEW QUESTION # 48
Your customer, ACME Corp, wants to store the Safes Data in Drive D instead of Drive C.
Which file should you edit?
- A. Vault.ini
- B. DBparm.ini
- C. user.ini
- D. TSparm.ini
Answer: D
NEW QUESTION # 49
You need to recover an account localadmin02 for target server 10.0.123.73 stored in Safe Team1.
What do you need to recover and decrypt the object? (Choose three.)
- A. Recovery Private Key
- B. Master Password
- C. Vault data
- D. Recover.exe
- E. Server Key
- F. Recovery Public Key
Answer: A,E,F
NEW QUESTION # 50
CyberArk implements license limits by controlling the number and types of users that can be provisioned in the vault.
- A. FALSE
- B. TRUE
Answer: B
NEW QUESTION # 51
Select the best practice for storing the Master CD.
- A. Store the CD in a secure location, such as a physical safe, and copy the contents of the CD to a folder secured with NTFS permissions on the Vault
- B. Copy the contents of the CD to a Hardware Security Module (HSM) and discard the CD
- C. Copy the files to the Vault server and discard the CD
- D. Store the CD in a secure location, such as a physical safe
Answer: A
NEW QUESTION # 52
Which of the following statements are NOT true when enabling PSM recording for a target Windows server?
(Choose all that apply)
- A. PSMConnect must be added as a local user on the target server
- B. RDP must be enabled on the target server
- C. The PSM software must be instated on the target server
- D. PSM must be enabled in the Master Policy (either directly, or through exception)
Answer: C,D
NEW QUESTION # 53
Users can be resulted to using certain CyberArk interfaces (e.g.PVWA or PACLI).
- A. TRUE
- B. FALS
Answer: A
NEW QUESTION # 54
A Logon Account can be specified in the Master Policy.
- A. FALSE
- B. TRUE
Answer: A
NEW QUESTION # 55
Which combination of Safe member permissions will allow end users to log in to a remote machine transparently but NOT show or copy the password?
- A. Use Accounts
- B. Use Accounts, List Accounts
- C. Use Accounts, Retrieve Accounts, List Accounts
- D. List Accounts, Retrieve Accounts
Answer: D
NEW QUESTION # 56
Time of day or day of week restrictions on when password verifications can occur configured in
____________________.
- A. The Account Details
- B. The Platform settings
- C. The Safe settings
- D. The Master Policy
Answer: B
Explanation:
Explanation/Reference: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Verifying- Passwords.htm
NEW QUESTION # 57
Which report provides a list of account stored in the vault.
- A. Privileged Accounts Compliance Status
- B. Privileged Accounts Inventory
- C. Entitlement Report
- D. Active Log
Answer: B
NEW QUESTION # 58
What is the maximum number of levels of authorizations you can set up in Dual Control?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
NEW QUESTION # 59
The Password upload utility can be used to create safes.
- A. FALSE
- B. TRUE
Answer: B
Explanation:
Explanation/Reference:
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Password-Upload- Utility.htm
NEW QUESTION # 60
......
CyberArk CAU201 (CyberArk Defender) certification exam is designed for individuals looking to validate their expertise in deploying and managing CyberArk solutions. CyberArk is a leading provider of privileged access management (PAM) solutions, which help organizations secure their most critical assets from cyber threats. The CyberArk Defender certification exam is a comprehensive test that evaluates candidates’ skills in implementing CyberArk solutions, managing privileged accounts, and detecting and responding to threats.
CAU201 Practice Exam and Study Guides - Verified By ExamcollectionPass: https://www.examcollectionpass.com/CyberArk/CAU201-practice-exam-dumps.html