Question No. 1

As part of compliance regulation, ACME Corporation is enforcing MFA for its critical business web-based application. To increase security and MFA compliance, CyberArk recommends selecting mechanisms from different categories. Within the authentication policy, ACME Corporation made the requirement to configure an authentication mechanism with "Something you know".

Which authentication mechanism meets this requirement?

APhone Call

BSecurity Question

CText Message (SMS) Confirmation Code

DFID02 Authenticators

Show Answer

Correct Answer: B

Question No. 2

ACME Corporation employees access critical business web applications through CyberArk Identity. You notice a constant high volume of unauthorized traffic from 103.1.200.0/24 trying to gain access to the CyberArk Identity portal. Access to the CyberArk Identity portal is time sensitive. ACME decides to enforce IP restrictions to reduce vulnerability.

Which configuration can help achieve this?

ALogin in to the CyberArk Identity Admin portal and define the IP range of 103 1 200 0/24 into the ACME Corporation IP range.

BLog in to the CyberArk Identity Admin portal and define the IP range of 103 1 200 0/24 into the blocked IP range.

CImplement device trust through the Windows Cloud Agent.

DImplement zero trust through the App Gateway.

Show Answer

Correct Answer: B

Question No. 3

Refer to the exhibit.

Which statements are correct regarding this Authentication Policy? (Choose two.)

AUsers will still be asked for their MFA even if they mistyped their username.

BIf users have set up CyberArk Mobile Authenticator as an MFA, they will still receive the Push Notification to confirm the request even if they mistyped their password.

CUsers will not be notified which challenge they failed if their login attempt failed.

DIf users have set up a Security Question as an MFA, the Security Question will not be displayed to the user to answer even if they mistyped their password.

EIf the first factor is password and the user is an Active Directory user and the Active Directory is unavailable, this setting does not matter because the user will not be able to authenticate through Active Directory credentials and will see the message 'Active Directory not available'.

Show Answer

Correct Answer: B, C

Question No. 4

What does enabling "Workflow" allow within an app connector?

Aability to enable approval workflows for a user request to access the app

Bability for workflows to link one app with another app

Cability for a workflow to create, update, and delete users within a 3rd party app

Dworkflows that automatically notify admins when a user logs in to the app

Show Answer

Correct Answer: A

Question No. 5

When logging on to the User Portal, which authentication methods can enable the user to bypass authentication rules and default profile? (Choose two.)

ACertification-Based Authentication (CBA)

BIntegrated Windows Authentication (IWA)

CQR Code Authentication

DFIDO2 Authentication

ERADIUS Authentication

Show Answer

Correct Answer: B, D

Free CyberArk ACCESS-DEF Exam Actual Questions

The questions for ACCESS-DEF were last updated On Jan 17, 2025