ACCESS-DEF by CyberArk Actual Free Exam Questions And Answers

Question 1

Refer to the exhibit.
Which statements are correct regarding this Authentication Policy? (Choose two.)

A. If the first factor is password and the user is an Active Directory user and the Active Directory is unavailable, this setting does not matter because the user will not be able to authenticate through Active Directory credentials and will see the message "Active Directory not available".

B. If users have set up CyberArk Mobile Authenticator as an MFA, they will still receive the Push Notification to confirm the request even if they mistyped their password.

C. Users will not be notified which challenge they failed if their login attempt failed.

D. If users have set up a Security Question as an MFA, the Security Question will not be displayed to the user to answer even if they mistyped their password.

E. Users will still be asked for their MFA even if they mistyped their username.

Discussion 0

Correct Answer: B,C Vote an answer

Question 2

You want to find all events related to the user with the login ID of "ivan.helen@acme".
Which filter do you enter into the UBA portal data explorer?

A. user_name = 'ivan.helen@acme'

B. event_user = 'ivan.helen@acme'

C. user_id = 'ivan.helen@acme'

D. entity_name = 'ivan.helen@acme'

Discussion 0

Correct Answer: B Vote an answer

Question 3

ACME Corporation employees access critical business web applications through CyberArk Identity. You notice a constant high volume of unauthorized traffic from 103.1.200.0/24 trying to gain access to the CyberArk Identity portal. Access to the CyberArk Identity portal is time sensitive. ACME decides to enforce IP restrictions to reduce vulnerability.
Which configuration can help achieve this?

A. Implement device trust through the Windows Cloud Agent.

B. Implement zero trust through the App Gateway.

C. Log in to the CyberArk Identity Admin portal and define the IP range of 103 1 200 0/24 into the blocked IP range.

D. Login in to the CyberArk Identity Admin portal and define the IP range of 103 1 200 0/24 into the ACME Corporation IP range.

Discussion 0

Correct Answer: C Vote an answer

Question 4

As part of compliance regulation, ACME Corporation is enforcing MFA for its critical business web-based application. To increase security and MFA compliance, CyberArk recommends selecting mechanisms from different categories. Within the authentication policy, ACME Corporation made the requirement to configure an authentication mechanism with "Something you know".
Which authentication mechanism meets this requirement?

A. Phone Call

B. Security Question

C. FID02 Authenticators

D. Text Message (SMS) Confirmation Code

Discussion 0

Correct Answer: B Vote an answer

Question 5

Which device enrollment settings are valid? (Choose two.)

A. Send notification on device enrollment

B. Enable invite based enrollment

C. Permanently delete device

D. Minimum number of devices a user can enroll

E. Reassign the device to another user

Discussion 0

Correct Answer: A,B Vote an answer

Question 6

Which statement is correct about the CyberArk Identity Windows Device Trust enrollment process?

A. You can define the maximum number of joinable endpoints.

B. The endpoint does not need to be a domain-joined machine.

C. You can define the minimum number of joinable endpoints.

D. An enrollment code is optional.

Discussion 0

Correct Answer: A Vote an answer

Question 7

Which browsers are supported for the "Land and Catch" feature? (Choose three.)

A. Apple Safari

B. Google Chrome

C. [Microsoft Internet Explorer

D. Microsoft Edge

E. Opera

F. Firefox

Discussion 0

Correct Answer: B,D,F Vote an answer

CyberArk Defender Access - ACCESS-DEF Exam Practice Test

Contact Us

Useful Links

Latest Updated