• Home
  • Articles
  • Updated Jun 27, 2023 EPM-DEF Exam Dumps - PDF Questions and Testing Engine [Q21-Q45]

Updated Jun 27, 2023 EPM-DEF Exam Dumps - PDF Questions and Testing Engine [Q21-Q45]

Share

Updated Jun 27, 2023 EPM-DEF  Exam Dumps - PDF Questions and Testing Engine

New (2023) CyberArk EPM-DEF  Exam Dumps

NEW QUESTION # 21
What is a valid step to investigate an EPM agent that is unable to connect to the EPM server?

  • A. Ping the server from the endpoint.
  • B. Ping the endpoint from the EPM server.
  • C. On the end point, open a browser session to the URL of the EPM server.
  • D. Restart the end point

Answer: A


NEW QUESTION # 22
What feature is designed to exclude applications from CyberArk EPM's Ransomware Protection, without whitelisting the application launch?

  • A. Threat Intelligence
  • B. Policy Recommendations
  • C. Trusted Sources
  • D. Authorized Applications (Ransomware Protection)

Answer: D


NEW QUESTION # 23
Where would an EPM admin configure an application policy that depends on a script returning true for an end user's machine being connected to an open (no password protection) Wi-Fi?

  • A. Advanced Policy - Options: Conditional enforcement - Apply Policy according to Script execution result
  • B. Default policies - Check if network access is secure
  • C. Advanced Policy - Access - Specify permissions to be set for Wi-Fi network security
  • D. Advanced Policy - Application Control - Check Wi-Fi security

Answer: A


NEW QUESTION # 24
What are Trusted sources for Windows endpoints used for?

  • A. Defining applications that can be used by the developers.
  • B. Creating policies that contain trusted sources of applications.
  • C. Listing all the approved application to the end users.
  • D. Managing groups added by recommendation.

Answer: C


NEW QUESTION # 25
How does EPM help streamline security compliance and reporting?

  • A. Print reports
  • B. Provides reports in standard formats such as PDF, Word and Excel
  • C. Create custom reports
  • D. Use of automated distribution of reports to the security team

Answer: B


NEW QUESTION # 26
Which setting in the agent configuration controls how often the agent sends events to the EPM Server?

  • A. Heartbeat Timeout
  • B. Condition Timeout
  • C. Policy Update Rate
  • D. Event Queue Flush Period

Answer: D


NEW QUESTION # 27
In EPM, creation of which user type is required to use SAML?

  • A. AD User
  • B. SQL User
  • C. Local CyberArk EPM User
  • D. Azure AD User

Answer: D


NEW QUESTION # 28
When enabling Threat Protection policies, what should an EPM Administrator consider? (Choose two.)

  • A. Certain Threat Protection policies apply for specific applications not found on all machines
  • B. Threat Protection policies requires an additional agent to be installed.
  • C. Some Threat Protection policies are applicable only for Windows Servers as opposed to Workstations.
  • D. Threat Protection features are not available in all regions.

Answer: A,C


NEW QUESTION # 29
How does a Trusted Source policy affect an application?

  • A. Application from the defined trusted sources must be configured on a per application basis, in order to define run and elevation parameters.
  • B. Applications will be allowed to run and will inherit the process token from the EPM agent.
  • C. Applications will be allowed to run and will only elevate if required.
  • D. Applications will be allowed to run always in elevated mode.

Answer: A


NEW QUESTION # 30
Which threat intelligence source requires the suspect file to be sent externally?

  • A. NSRL
  • B. VirusTotal
  • C. CyberArk Application Risk Analysis Service (ARA)
  • D. Palo Alto Wildfire

Answer: B


NEW QUESTION # 31
On the Default Policies page, what are the names of policies that can be set as soon as EPM is deployed?

  • A. Privilege Management, Threat Protection, Application Escalation Control
  • B. Privilege Escalation, Privilege Management, Application Management
  • C. Privilege Management, Privilege Threat Protection, Local Privileged Accounts Management
  • D. Privilege Management, Application Control, Threat analysis

Answer: C


NEW QUESTION # 32
For the CyberArk EPM Threat Deception Credential Lure feature, what is the recommendation regarding the username creation?

  • A. The username should match to an existing account.
  • B. The username should have a strong password associated.
  • C. The username should match the built-in local Administrator.
  • D. The username should not match to an existing account.

Answer: D


NEW QUESTION # 33
What are the predefined application groups?

  • A. Developer group, Administrator group
  • B. Block Only
  • C. Run as Administrator, Run as Developer, Block
  • D. Elevate, Allow, Block, Developer Applications

Answer: D


NEW QUESTION # 34
What type of user can be created from the Threat Deception LSASS Credential Lures feature?

  • A. A standard user
  • B. It does not create any users
  • C. A local administrator user
  • D. A domain admin user

Answer: A


NEW QUESTION # 35
What is the CyberArk recommended practice when deploying the EPM agent to non-persistent VDIs?

  • A. A separate set
  • B. a VDI advanced policy
  • C. a separate license
  • D. A separate computer group

Answer: D


NEW QUESTION # 36
If you want to diagnose agent EPM agent connectivity issues, what is the agent executable that can be used from the command line?

  • A. db_agent.exe
  • B. vault_agent.exe
  • C. vf_agent.exe
  • D. epm_agent.exe

Answer: D


NEW QUESTION # 37
Which of the following is CyberArk's Recommended FIRST roll out strategy?

  • A. Implement Ransomware Protection
  • B. Implement Privilege Management
  • C. Implement Threat Detection
  • D. Implement Application Control

Answer: B


NEW QUESTION # 38
An end user is reporting that an application that needs administrative rights is crashing when selecting a certain option menu item. The Application is part of an advanced elevate policy and is working correctly except when using that menu item.
What could be the EPM cause of the error?

  • A. The Specify permissions to be set for selected Services on End-user Computers is set to Allow Start/Stop
  • B. The Users defined in the advanced policy do not include the end user running the application.
  • C. The Advanced: Time options are not set correctly to include the time that the user is running the application at.
  • D. The Elevate Child Processes option is not enabled.

Answer: D


NEW QUESTION # 39
What is required to configure SAML authentication on EPM?

  • A. Signed SAML Response
  • B. Encrypted Assertion
  • C. Signed Authentication Request
  • D. OAuth token

Answer: A


NEW QUESTION # 40
Match the Application Groups policy to their correct description.

Answer:

Explanation:


NEW QUESTION # 41
After a clean installation of the EPM agent, the local administrator password is not being changed on macOS and the old password can still be used to log in.
What is a possible cause?

  • A. Endpoint password policy is too restrictive.
  • B. EPM agent is not able to connect to the EPM server.
  • C. Secure Token on macOS endpoint is not enabled.
  • D. After installation, Full Disk Access for the macOS agent to support EPM policies was not approved.

Answer: C


NEW QUESTION # 42
If Privilege Management is not working on an endpoint, what is the most likely cause that can be verified in the EPM Agent Log Files?

  • A. UAC policy Run all administrators in Admin Approval Mode is set to "Enabled".
  • B. Behavior of the elevation prompt for administrators in Admin Approval Mode is set to "Prompt for Consent for non-Windows binaries".
  • C. Agent version is incompatible.
  • D. UAC policy Admin Approval for the Built-in Administrator Account is set to "Disabled".

Answer: A


NEW QUESTION # 43
An EPM Administrator would like to enable a Threat Protection policy, however, the policy protects an application that is not installed on all endpoints.
What should the EPM Administrator do?

  • A. Split up the endpoints in to separate Sets and enable Threat Protection for only one of the Sets.
  • B. Do not enable the Threat Protection policy.
  • C. Enable the Threat Protection policy and configure the Policy Targets.
  • D. Enable the Threat Protection policy only in Detect mode.

Answer: A


NEW QUESTION # 44
Which EPM reporting tool provides a comprehensive view of threat detection activity?

  • A. Detected Threats
  • B. McAfee ePO Reports
  • C. Threat Detection Dashboard
  • D. Threat Detection Events

Answer: C


NEW QUESTION # 45
......

Updated Verified Pass EPM-DEF Exam - Real Questions and Answers: https://www.practicevce.com/CyberArk/EPM-DEF-practice-exam-dumps.html

Best Way To Study For CyberArk EPM-DEF Exam Brilliant EPM-DEF Exam Questions PDF: https://drive.google.com/open?id=1_4spUjYYXHJdv5tcP9Flhd9lk5YyZiF8

Related Articles

more
CyberArk EPM-DEF Certification Practice Exam