CyberArk PAM-SEN Practice Exams
Last updated on Apr 03,2025- Exam Code: PAM-SEN
- Exam Name: CyberArk Sentry – PAM
- Certification Provider: CyberArk
- Latest update: Apr 03,2025
You are installing a CPM.
In addition to Add Safes, Add/Update Users, Reset Users’ Passwords and Manage Server File Categories, which Vault authorization(s) does a CyberArk user need to install the CPM?
- A . Manage Directory Mapping
- B . Activate Users
- C . Backup All Safes, Restore All Safes
- D . Audit Users, Add Network Areas
Which file would you modify to configure the vault to send SNMP traps to your monitoring solution?
- A . dbparm ini
- B . paragent.ini
- C . ENEConf.ini I
- D . padr ini
Which parameter must be provided when registering a primary Vault in Azure, but not in Amazon Web Services?
- A . /RecPub
- B . /AdminPass
- C . /MasterPass
- D . /RDPGateway
Which tools are used during a CPM renaming process? (Choose two.)
- A . APIKeyManager Utility Most Voted
- B . CreateCredFile Utility Most Voted
- C . CPMInDomain_Hardening.ps1
- D . PMTerminal.exe
- E . Data Execution Prevention
What is a prerequisite step before CyberArk can be configured to support RADIUS authentication?
- A . Log on to the PrivateArk Client, display the User properties of the user to configure, run the Authentication method drop-down list, and select RADIUS authentication.
- B . In the RADIUS server, define the CyberArk Vault as a RADIUS client/agent. Most Voted
- C . In the Vault installation folder, run CAVaultManager as administrator with the SecureSecretFiles command.
- D . Navigate to /Server/Conf and open DBParm.ini and set the RadiusServersInfo parameter.
Which statement is correct about a post-install hardening?
- A . The Vault must be hardened during the Vault installation process. Most Voted
- B . After the Vault server is installed, you must join the server to the Enterprise Domain and reboot
the host. - C . It is executed after Vault installation by running CAVaultHarden.exe and hardening options can be edited by changing the Hardening.ini file. Most Voted
- D . If it is mandated by an organization’s IT governance, you do not have to execute Vault hardening; however, server hardening cannot be reversed.
What is the purpose of the CPM_Preinstallation.ps1 script included with the CPM installation package?
- A . It prompts for input parameters that will be used to pre-populate form fields in the installation wizard.
- B . It automatically installs the CPM, requiring no additional user input.
- C . It allows you to install the CPM using a command line approach rather than using the installation wizard.
- D . It verifies the NET version installed on the server and sets the IIS SSL TLS server configuration.
You have been asked to limit a platform called “Windows_Servers” to safes called “WindowsDC1” and “WindowsDC2”. The platform must not be assigned to any other safe.
What is the correct way to accomplish this?
- A . Edit the “Windows_Servers” platform, expand “Automatic Password Management”, then select General and modify “AllowedSafes” to be (WindowsDC1)|(WindowsDC2).
- B . Edit the “Windows_Servers” platform, expand “Automatic Password Management”, then select Options and modify “AllowedSafes” to be (Win*).
- C . Edit the “WindowsDC1” and “WindowsDC2” safes through Safe Management, Add “Windows_Servers” to the “AllowedPlatforms”.
- D . Log in to PrivateArk using an Administrative user, Select File, Server File Categories, Locate the category “WindowsServersAllowedSafes” and specify “WindowsDC1,WindowsDC2”.
To apply a new license file you must:
- A . Upload the license.xml file to the System Safe
- B . Upload the license.xml file to the Vaultlnternal Safe.
- C . Upload the license.xml file to the System Safe and restart the PrivateArk Server service.
- D . Upload the license.xml file to the Vaultlnternal Safe and restart the PrivateArk Server service.