Question No. 1

All 80 employees from your satellite Tokyo office are complaining that browsing the PVWA site is very slow; however, your New York headquarters users are not experiencing this. The current PAM solution is:

2 distributed Vaults, the primary one in New York and a satellite in Tokyo

2 PVWA servers, both in New York with load balancing configured

2 PSM servers, both in New York without load balancing configured

1 CPM server in New York

All PVWA, PSM, and CPM servers are connected to the primary Vault

Which proposal optimally resolves the performance issue while minimizing the impact to production?

AInstall two new PVWA servers in Tokyo data center, configure load balancing, connect to the local satellite Vault and provide the URL of new PVWA servers to the local employees.

BInstall two new PVWA servers in New York data center, configure load balancing and have them connect to the satellite Vault in Tokyo.

CInstall two new PSM servers in the Tokyo data center, configure load balancing, connect to the local satellite vault, and inform the local employees to browse using the same PVWA URL.

DChange the current distributed Vaults architecture, migrate back to a Primary-DR architecture, install two new PVWA servers in the Tokyo data center and configure load balancing. Connect to the local DR Vault and provide the URL of new PVWA servers to the local employees.

Show Answer

Correct Answer: A

Question No. 2

You have been asked to limit a platform called ''Windows_Servers'' to safes called ''WindowsDC1'' and ''WindowsDC2''. The platform must not be assigned to any other safe.

What is the correct way to accomplish this?

AEdit the ''Windows_Servers'' platform, expand ''Automatic Password Management'', then select General and modify ''AllowedSafes'' to be (WindowsDC1)|(WindowsDC2).

BEdit the ''Windows_Servers'' platform, expand ''Automatic Password Management'', then select Options and modify ''AllowedSafes'' to be (Win*).

CEdit the ''WindowsDC1'' and ''WindowsDC2'' safes through Safe Management, Add ''Windows_Servers'' to the ''AllowedPlatforms''.

DLog in to PrivateArk using an Administrative user, Select File, Server File Categories, Locate the category ''WindowsServersAllowedSafes'' and specify ''WindowsDC1,WindowsDC2''.

Show Answer

Correct Answer: A

Question No. 3

By default, the vault secure protocol uses which IP port and protocol.

ATCP/1858

BTCP/443

CUDP/1858

DTCP/80

Show Answer

Correct Answer: A

Question No. 4

How should you configure PSM for SSH to support load balancing?

Aby using a network load balancer Most Voted

Bin PVWA > Options > PSM for SSH Proxy > Servers

Cin PVWA > Options > PSM for SSH Proxy > Servers > VIP

Dby editing sshd.config on the all the PSM for SSH servers

Show Answer

Correct Answer: C

Question No. 5

Which statement is correct about CPM behavior in a distributed Vault environment?

ACPMs should only access the primary Vault. When it is unavailable, CPM cannot access any Vault until another Vault is promoted as the new primary Vault.

BCPMs should access only the satellite Vaults.

CCPMs should only access the primary Vault. When it is unavailable, CPM cannot access any Vault until the original primary Vault is operational again.

DCPM should access all Vaults - primary and the satellite.

Show Answer

Correct Answer: A

Free CyberArk PAM-SEN Exam Actual Questions

The questions for PAM-SEN were last updated On Nov 17, 2024