CyberArk PAM-DEF Practice Exams
Last updated on Mar 31,2025- Exam Code: PAM-DEF
- Exam Name: CyberArk Defender – PAM
- Certification Provider: CyberArk
- Latest update: Mar 31,2025
What are the minimum permissions to add multiple accounts from a file when using PVWA bulk-upload? (Choose three.)
- A . add accounts
- B . rename accounts
- C . update account content
- D . update account properties
- E . view safe members
- F . add safes
DRAG DROP
A new HTML5 Gateway has been deployed in your organization.
From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.
DRAG DROP
A new HTML5 Gateway has been deployed in your organization.
From the PVWA, arrange the steps to configure a PSM host to use the HTML5 Gateway in the correct sequence.
You want to give a newly-created group rights to review security events under the Security pane. You also want to be able to update the status of these events.
Where must you update the group to allow this?
- A . in the PTAAuthorizationGroups parameter, found in Administration > Options > PTA
- B . in the PTAAuthorizationGroups parameter, found in Administration > Options > General
- C . in the SecurityEventsAuthorizationGroups parameter, found in Administration > Security > Options
- D . in the SecurityEventsFeedAuthorizationGroups parameter, found in Administration > Options > General
You are onboarding an account that is not supported out of the box.
What should you do first to obtain a platform to import?
- A . Create a service ticket in the customer portal explaining the requirements of the custom platform.
- B . Search common community portals like stackoverflow, reddit, github for an existing platform.
- C . From the platforms page, uncheck the "Hide non-supported platforms" checkbox and see if a platform meeting your needs appears.
- D . Visit the CyberArk marketplace and search for a platform that meets your needs.
During a High Availability node switch you notice an error and the Cluster Vault Manager Utility fails back to the original node.
Which log files should you check to investigate the cause of the issue? (Choose three.)
- A . CyberArk Webconsole.log
- B . VaultDB.log
- C . PM_Error.log
- D . ITALog.log
- E . ClusterVault.console.log
- F . logiccontainer.log
Which configuration file is used by the CPM scanner when scanning UNIX/Linux devices?
- A . UnixPrompts.ini
- B . plink.exe
- C . dbparm.ini
- D . UnixScanner.ini
When are external vault users and groups synchronized by default?
- A . They are synchronized once every 24 hours between 1 AM and 5 AM.
- B . They are synchronized once every 24 hours between 7 PM and 12 AM.
- C . They are synchronized every 2 hours.
- D . They are not synchronized according to a specific schedule.
When an account is unable to change its own password, how can you ensure that password reset with the reconcile account is performed each time instead of a change?
- A . Set the parameter RCAllowManualReconciliation to Yes.
- B . Set the parameter ChangePasswordinResetMade to Yes.
- C . Set the parameter IgnoreReconcileOnMissingAccount to No.
- D . Set the UnlockUserOnReconcile to Yes.
Your organization has a requirement to allow only one user to "check out passwords" and connect through the PSM securely.
What needs to be configured in the Master policy to ensure this will happen?
- A . Enforce check-in/check-out exclusive access = active; Require privileged session monitoring and isolation = active
- B . Enforce check-in/check-out exclusive access = inactive; Require privileged session monitoring and isolation = inactive
- C . Enforce check-in/check-out exclusive access = inactive; Record and save session activity = active
- D . Enforce check-in/check-out exclusive access = active; Record and save session activity = inactive