Question No. 1

You modified a Conjur host policy to change its annotations for authentication.

How should you load the policy to make those changes?

AUse the default ''append'' method (e.g. conjur policy load

).

BUse the ''replace'' method (e.g. conjur policy load -- --replace

).

CUse the ''delete'' method (e.g. conjur policy load -- --delete

).

DUse the ''update'' method (e.g. conjur policy load -- --update

).

Show Answer

Correct Answer: B

Question No. 2

While installing the first CP in an environment, errors that occurred when the environment was created are displayed; however, the installation procedure continued and finished successfully.

What should you do?

AContinue configuring the application to use the CP. No further action is needed since the successful installation makes the error message benign.

BReview the lag file 'CreateEnv.loq' and investigate any error messages it contains.

CRun setup.exe again and select 'Recreate Vault Environment'. Provide the details of a user with more privileges when prompted by the installer.

DReview the PV WA lags to determine which REST API call used during the installation failed.

Show Answer

Correct Answer: B

Question No. 3

You are deploying Kubernetes resources/objects as Conjur identities.

In addition to Namespace and Deployment, from which options can you choose? (Choose two.)

AServiceAccount

BReplica sets

CSecrets

DTokenreviews

EStatefulSet

Show Answer

Correct Answer: A, E

Question No. 4

Refer to the exhibit.

How can you confirm that the Follower has a current copy of the database?

ACompare the pgcurrentxlog_locationlocation from the Leader to the Follower you need to validate against.

BCount the number of components in pgstartreplication and compare this to the total number of Followers in the deployment.

CValidate that the Follower container ID matches the node in the info endpoint on the Leader.

DRetrieve the credential from a test application on the Leader cluster; then retrieve against the Follower and compare if they are accurate.

Show Answer

Correct Answer: A

Question No. 5

An application is having authentication issues when trying to securely retrieve credential's from the Vault using the CCP webservices RESTAPI. CyberArk Support advised that further debugging should be enabled on the CCP server to output a trace file to review detailed logs to help isolate the problem.

What best describes how to enable debug for CCP?

AEdit web.config. change the ''AIMWebServiceTrace'' value, restart Windows Web Server (IIS)

BIn the PVWA, go to the Applications tab, select the Application in question, go to Options > Logging and choose Debug.

CFrom the command line, run appprvmgr.exe update_config logging=debug.

DEdit the basic_appprovider.conf, change the ''AIMWebServiceTrace' value, and restart the provider.

Show Answer

Correct Answer: A

Free CyberArk SECRET-SEN Exam Actual Questions

The questions for SECRET-SEN were last updated On Nov 19, 2024