CyberArk Technical Interview Questions
1.How many times wrong Password count access suspension can be increased?
Ans: Upto: 99
2.To allow specific user to access a specific safe the user need to have?
Ans: Safe ownership
3.What's the minimum password complexity required for CyberArk authentication using internal CyberArk scheme?
Ans: There should be Minimum one lowerchase alphabet character, one uppercase alphabet character, one numeric character
4.To create a PIM policy, what need to be done?
Ans: We should Create CPM Policy, PIM Policy, and Create a PSM connection component & enable the PSM if needed
If you want to enrich your career and become a professional in CyberArk, then visit Tekslate - a global online training platform: "CyberArk Training" This course will help you to achieve excellence in this domain.
5.CyberArk can manage following Database's password?
- MS SQL
- Oracle DB
- All of above
Ans: All of above
6.User with sufficient rights can do _____________ about the privilege account registered?
- Use the privilege account to directly connect to target system by clicking on connect button
- Copy the password for other usage
- Change the password by clicking on change button
- Verify the password by clicking on verify button
7.What is BYOC?
Ans: Bring Your Own Client
8._________ CyberArk's modules responsible for recording session?
9.If CyberArk vault user changed his Active Directory password what will happened with his CyberArk account?
Ans: Nothing will happen, If CyberArk uses LDAP authentication
10.Which Component used on all Cyberark solutions?
Ans: CyberArk Vault
11.What are the CyberArk Vault protection layers?
Ans: Following are the CyberArk Vault Protection Layers:
- Firewall & Code-Data Isolation
- Encryted Network Communication & Visual Security Audit Trail
- Strong Authentication & Granular Access Control
- File Encryption & Dual Control Security
12.About privilege account request/approval or also known as dual control, which following statement is false?
- Requester will receive email notification upon approval
- Approvals is working in hierarchy
- Request can be set for a specific time & date
- Approvals is working in minimum number of approvers
- Maximum request access for 5 consecutive days
Ans: Approvals is working in hierarchy
13.CyberArk's PIM stands for?
Ans: Privilege Identity Management
14.Can CyberArk change password in a text file?
Ans: Yes, if it is in plaintext or encrypted using known encryption algorithm
15.IS CyberArk PSM has web form capability?
16.What you need to have to enable auto password reconciliation policy?
Ans: Following should enable for auto password reconciliation policy in cyberark
- Enable Password reconciliation for specific policy
- Additional account on target server with sufficient rights
- Automatic password verification shoud enable
- Enable password reconciliation when password is unsync
CyberArk Technical Interview Questions
17.What are User Directories that are supported by CyberArk?
Ans: User Directories that support CyberArk are:
- Active Directory
- Oracle Internet Directory
- Novell eDirectory
- IBM Tivoli DS
18.Bring Your Own Clients means?
Ans: Bring Your Own Clients means
- You can use any client to access target system if PSM enabled
- PSM is flexible
- CyberArk PSM covers more target system type other than others
19.Does OpenSSL heartbleed bug affecting CyberArk Vault ?
Ans: No, on all vesion
20.What are capabilities of PSM for SSH ?
Ans: PSM for SSH has the capability of Video recording, Command recording
21.What CyberArk PSM has web form capability means ?
Ans: CyberArk PSM has web form capability means, With a set of conditions, PSM connector can be integrated into web based application. By default PSM web capability only covers html login page with form id, input form for user/password and button name attribute
22.If PSM enabled for a specific policy, auditor user can terminate remote session currently active?
23.What is the shortest time CPM can be configured to change password after each usage?
Ans: 1 minute
24.Password management doesn't consists of ____________ action?
Ans: ENE integration
25.How CyberArk Vault can be managed?
Ans: CyberArk Vault can be managed using PrivateArk Client, PrivateArk Web Client, and Private Vault Web Access
26.What is CyberArk Vault Dual Control ?
- Confirmation needed to open a safe
- Confirmation needed to retrieve files
- Confirmation needed to open a safe and to retrieve files
- At least 1 safe owner who are authorized to confirm request
- All of above
Ans: Confirmation needed to open a safe
27.How long CyberArk Vault will kept deleted object until it reach true deletion stage?
Ans: 30 days
28.What are User Accounts Enabled by Default?
- None of above
29.How to release user suspension?
Ans: To release user suspension --> Need to login using administrator account and activate the account.
30.BYOC applicable to which module ?
31.Which module used to replicate vault at production site to disaster recovery site?
Ans: DR Module
32.What are the steps required to register a privilege account to CyberArk PIMS using PVWA?
Ans: Inorder to register to a priviliege accout we need to:
- Create safe & define safe owner
- Create PIM Policy
- Create CPM & PSM Policy
- Add account with its properties (username, password, address etc)
CyberArk Exam Questions
33.CyberArk Vault access control can be defined by?
Ans: Safe, Folder, Object
34.Why PrivateArk Web Client limited only to Internet Explorer?
Ans: Because it uses ActiveX
35.Mention 3 pilars of CYberArk solutions?
Ans: PIMS, SIMS & PSMS
36.Which CyberArk's module is responsible for changing password?
37.If a User was suspended, who is the user that able to revoke the suspension?
38.If a password request got approved why only notification sent to requester but not the password for the target system itself?
Ans: Because of its Security concern, Email can be eavesdropped, Email can be redirected, Email may not be not secure.
39.What is ENE integration?
Ans: CyberArk email notification integration with existing email system
40.By default user will be suspended to login to the vault after entering ... times of wrong password?
Ans: 5 times
41.Inorder to enable LDAP user authentication which need to be configured?
Ans: Directory mapping
42.What need to be done to enable PSM for a policy?
Ans: We need to enable PSM option on specified policy, and need to add required PSM connection component
43.Can CyberArk can manage Facebook password & record Facebook session?
44.What are Authentication schemes supported by CyberArk Vault?
Ans: Here are teh authentication schemes that are suppored by CyberArk vault - LDAP, Radius, PKI
45.What are the reasons for CyberArk vault user login access denied?
Ans: Wrong password, Wrong username, User suspension, Wrong authentication mode
Get In-Depth Knowledge on CyberArk Click Here:
- How to configure CyberArk Vault Install AIM API
- Installation overview for the Splunk Add-on for CyberArk