CyberArk EPM-DEF Exam Questions Free Practice Test

Viewing page 1 out of 2 pages

Viewing questions 1-10 out of questions

Questions # 1:

An EPM Administrator is looking to enable the Threat Deception feature, under what section should the EPM Administrator go to enable this feature?

Options:

Threat Protection Inbox

Policies

Threat Intelligence

Policy Audit

Expert Solution

Questions # 2:

An end user is reporting that an application that needs administrative rights is crashing when selecting a certain option menu item. The Application is part of an advanced elevate policy and is working correctly except when using that menu item.

What could be the EPM cause of the error?

Options:

The Users defined in the advanced policy do not include the end user running the application.

The Advanced: Time options are not set correctly to include the time that the user is running the application at.

The Elevate Child Processes option is not enabled.

The Specify permissions to be set for selected Services on End-user Computers is set to Allow Start/Stop

Expert Solution

Questions # 3:

What are Trusted sources for Windows endpoints used for?

Options:

Creating policies that contain trusted sources of applications.

Defining applications that can be used by the developers.

Listing all the approved application to the end users.

Managing groups added by recommendation.

Expert Solution

Questions # 4:

When working with credential rotation at the EPM level, what is the minimum time period that can be set between connections?

Options:

1 hour

5 hours

24 hours

72 hours

Expert Solution

Questions # 5:

What are valid policy options for JIT and elevation policies?

Options:

Grant temporary access for all users, Policy name, Restart administrative processes in admin approval mode, Collect audit information

Grant temporary access for, Policy name, Terminate administrative processes when the policy expires, Collect audit information

Grant administrative access, Policy name, Log off to apply policy, Collect policy violation information

Terminate administrative services, Grant policy access for, Policy name, Collect audit reports

Expert Solution

Questions # 6:

What EPM component is responsible for communicating password changes in credential rotation?

Options:

EPM Agent

EPM Server

EPM API

EPM Discovery

Expert Solution

Questions # 7:

Before enabling Ransomware Protection, what should the EPM Administrator do first?

Options:

Enable the Privilege Management Inbox in Elevate mode.

Enable the Control Applications Downloaded From The Internet feature in Restrict mode.

Review the Authorized Applications (Ransomware Protection) group and update if necessary.

Enable Threat Protection and Threat Intelligence modules.

Expert Solution

Questions # 8:

Which of the following application options can be used when defining trusted sources?

Options:

Publisher, Product, Size, URL

Publisher, Name, Size, URI

Product, URL, Machine, Package

Product, Publisher, User/Group, Installation Package

Expert Solution

Questions # 9:

An EPM Administrator would like to notify end users whenever the Elevate policy is granting users elevation for their applications. Where should the EPM Administrator go to enable the end-user dialog?

Options:

End-user UI in the left panel of the console

Advanced, Agent Configurations

Default Policies

End-User UI within the policy

Expert Solution

Questions # 10:

When deploying EPM and in the Privilege Management phase what is the purpose of Discovery?

Options:

To identify all non-administrative events

To identify all administrative level events

To identify both administrative and non-administrative level events

To identify non-administrative threats

Expert Solution

Viewing page 1 out of 2 pages

Viewing questions 1-10 out of questions

Pass the CyberArk Defender EPM-DEF Questions and answers with CertsForce