EPM-DEF Online Practice Questions and Answers
A Helpdesk technician needs to provide remote assistance to a user whose laptop cannot connect to the Internet to pull EPM policies. What CyberArk EPM feature should the Helpdesk technician use to allow the user elevation capabilities?
A. Offline Policy Authorization Generator
B. Elevate Trusted Application If Necessary
C. Just In Time Access and Elevation
D. Loosely Connected Devices Credential Management
Which setting in the agent configuration controls how often the agent sends events to the EPM Server?
A. Event Queue Flush Period
B. Heartbeat Timeout
C. Condition Timeout
D. Policy Update Rate
A company is looking to manage their Windows Servers and Desktops with CyberArk EPM. Management would like to define different default policies between the Windows Servers and Windows Desktops.
What should the EPM Administrator do?
A. In the Default Policies, exclude either the Windows Servers or the Windows Desktops.
B. Create Advanced Policies to apply different policies between Windows Servers and Windows Desktops.
C. CyberArk does not recommend installing EPM Agents on Windows Servers.
D. Create a separate Set for Windows Servers and Windows Desktops.
An EPM Administrator would like to exclude an application from all Threat Protection modules. Where should the EPM Administrator make this change?
A. Privilege Threat Protection under Policies.
B. Authorized Applications under Application Groups.
C. Protect Against Ransomware under Default Policies.
D. Threat Protection under Agent Configurations.
CyberArk EPM's Ransomware Protection comes with file types to be protected out of the box. If an EPM Administrator would like to remove a file type from Ransomware Protection, where can this be done?
A. Policy Scope within Protect Against Ransomware
B. Authorized Applications (Ransomware Protection) within Application Groups
C. Set Security Permissions within Advanced Policies
D. Protected Files within Agent Configurations
An EPM Administrator would like to enable a Threat Protection policy, however, the policy protects an application that is not installed on all endpoints.
What should the EPM Administrator do?
A. Enable the Threat Protection policy and configure the Policy Targets.
B. Do not enable the Threat Protection policy.
C. Enable the Threat Protection policy only in Detect mode.
D. Split up the endpoints in to separate Sets and enable Threat Protection for only one of the Sets.
Which of the following application options can be used when defining trusted sources?
A. Publisher, Product, Size, URL
B. Publisher, Name, Size, URI
C. Product, URL, Machine, Package
D. Product, Publisher, User/Group, Installation Package
Where can you view CyberArk EPM Credential Lures events?
A. Application Catalog
B. Threat Protection Inbox
C. Events Management
D. Policy Audit
A particular user in company ABC requires the ability to run any application with administrative privileges every day that they log in to their systems for a total duration of 5 working days.
What is the correct solution that an EPM admin can implement?
A. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours
B. An EPM admin can generate a JIT access and elevation policy with temporary access timeframe set to 120 hours and Terminate administrative processes when the policy expires option unchecked
C. An EPM admin can create an authorization token for each application needed by running: EPMOPAGtool.exe -command gentoken -targetUser
D. An EPM admin can create a secure token for the end user's computer and instruct the end user to open an administrative command prompt and run the command vfagent.exe - UseToken
What is a valid step to investigate an EPM agent that is unable to connect to the EPM server?
A. On the end point, open a browser session to the URL of the EPM server.
B. Ping the endpoint from the EPM server.
C. Ping the server from the endpoint.
D. Restart the end point