CyberArk Interview Questions And Answers

  1. Home /
  2. Interview Questions /
  3. CyberArk Interview Questions And Answers

CyberArk Technical Interview Questions

How many times wrong Password count access suspension can be increased?

Ans: Upto: 99

To allow specific user to access a specific safe the user need to have

Ans: Safe ownership

What's the minimum password complexity required for CyberArk authentication using internal CyberArk scheme?

Ans: There should be Minimum one lowerchase alphabet character, one uppercase alphabet character, one numeric character

To create a PIM policy, what need to be done ?

Ans:  We should Create CPM Policy, PIM Policy, and Create a PSM connection component & enable the PSM if needed

CyberArk can manage following Database's password

  1. MySQL

  2. DB2

  3. MS SQL

  4. Oracle DB

  5. All of above

Ans: All of above

User with sufficient rights can do _____________ about the privilege account registered

  • Use the privilege account to directly connect to target system by clicking on connect button

  • Copy the password for other usage

  • Change the password by clicking on change button

  • Verify the password by clicking on verify button

What is BYOC? 

Ans: Bring Your Own Client

_________ CyberArk's modules responsible for recording session

Ans: PSM

If CyberArk vault user changed his Active Directory password what will happened with his CyberArk account

Ans: Nothing will happen, If CyberArk uses LDAP authentication

Which Component used on all Cyberark solutions?

Ans: CyberArk Vault

What are the CyberArk Vault protection layers :
Ans: Following are the CyberArk Vault Protection Layers:
     	
  • Firewall & Code-Data Isolation
    •  	
  • Encryted Network Communication & Visual Security Audit Trail
    •  	
  • Strong Authentication & Granular Access Control
    •  	
  • File Encryption & Dual Control Security
About privilege account request/approval or also known as dual control, which following statement is false
     	
  • Requester will receive email notification upon approval
    •  	
  • Approvals is working in hierarchy
    •  	
  • Request can be set for a specific time & date
    •  	
  • Approvals is working in minimum number of approvers
    •  	
  • Maximum request access for 5 consecutive days
Ans: Approvals is working in hierarchy
CyberArk's PIM stands for :
Ans: Privilege Identity Management
Online CyberArk Training
Can CyberArk change password in a text file?
Ans: Yes, if it is in plaintext or encrypted using known encryption algorithm
IS CyberArk PSM has web form capability?
Ans: Yes
What you need to have to enable auto password reconciliation policy?
Ans: Following should enable for auto password reconciliation policy in cyberark
     	
  • Enable Password reconciliation for specific policy
    •  	
  • Additional account on target server with sufficient rights
    •  	
  • Automatic password verification shoud enable
    •  	
  • Enable password reconciliation when password is unsync
CyberArk Technical Interview Questions
What are User Directories that are supported by CyberArk?
Ans: User Directories that support CyberArk are:
     	
  • Active Directory
    •  	
  • Oracle Internet Directory
    •  	
  • Novell eDirectory
    •  	
  • IBM Tivoli DS
Bring Your Own Clients means
Ans: Bring Your Own Clients means
     	
  • You can use any client to access target system if PSM enabled
    •  	
  • PSM is flexible
    •  	
  • CyberArk PSM covers more target system type other than others
Does OpenSSL heartbleed bug affecting CyberArk Vault ?
Ans: No, on all vesion
What are capabilities of PSM for SSH ?
Ans: PSM for SSH has the capability of Video recording, Command recording
What CyberArk PSM has web form capability means ?
Ans: CyberArk PSM has web form capability means, With a set of conditions, PSM connector can be integrated into web based application. By default PSM web capability only covers html login page with form id, input form for user/password and button name attribute
If PSM enabled for a specific policy, auditor user can terminate remote session currently active
Ans: Yes
What is the shortest time CPM can be configured to change password after each usage
Ans: 1 minute
Password management doesn't consists of ____________ action
Ans: ENE integration
How CyberArk Vault can be managed?
Ans: CyberArk Vault can be managed using PrivateArk Client, PrivateArk Web Client, and Private Vault Web Access
What is CyberArk Vault Dual Control ?
     	
  • Confirmation needed to open a safe
    •  	
  • Confirmation needed to retrieve files
    •  	
  • Confirmation needed to open a safe and to retrieve files
    •  	
  • At least 1 safe owner who are authorized to confirm request
    •  	
  • All of above
Ans: Confirmation needed to open a safe
How long CyberArk Vault will kept deleted object until it reach true deletion stage ?
Ans: 30 days
What are User Accounts Enabled by Default?
     	
  • Administrator
    •  	
  • Auditor
    •  	
  • Master
    •  	
  • Backup
    •  	
  • None of above
Ans: Administrator
How to release user suspension?
Ans: To release user suspension --> Need to login using administrator account and activate the account.
BYOC applicable to which module ?
Ans: PSM
Which module used to replicate vault at production site to disaster recovery site ?
Ans: DR Module
What are the steps required to register a privilege account to CyberArk PIMS using PVWA :
Ans: Inorder to register to a priviliege accout we need to:
     	
  • Create safe & define safe owner
    •  	
  • Create PIM Policy
    •  	
  • Create CPM & PSM Policy
    •  	
  • Add account with its properties (username, password, address etc)
CyberArk Exam Questions
CyberArk Vault access control can be defined by
Ans: Safe, Folder, Object
Why PrivateArk Web Client limited only to Internet Explorer
Ans: Because it uses ActiveX
Mention 3 pilars of CYberArk solutions 
Ans: PIMS, SIMS & PSMS
Which CyberArk's module is responsible for changing password
Ans: CPM
If a User was suspended, who is the user that able to revoke the suspension ?
Ans: Administrator
If a password request got approved why only notification sent to requester but not the password for the target system itself ?
Ans: Because of its Security concern, Email can be eavesdropped, Email can be redirected, Email may not be not secure.
What is ENE integration
Ans: CyberArk email notification integration with existing email system
By default user will be suspended to login to the vault after entering ... times of wrong password
Ans: 5 times
Inorder to enable LDAP user authentication which need to be configured
Ans: Directory mapping
What need to be done to enable PSM for a policy
Ans:  We need to enable PSM option on specified policy, and need to add required PSM connection component
Can CyberArk can manage Facebook password & record Facebook session?
Ans: Yes
What are Authentication schemes supported by CyberArk Vault ?
Ans: Here are teh authentication schemes that are suppored by CyberArk vault - LDAP, Radius, PKI
What are the reasons for CyberArk vault user login access denied?
Ans: Wrong password, Wrong username, User suspension, Wrong authentication mode
CyberArk Tutorials
                
                
                
                
            


            

        

    















    

        

            

                

                    
Call Our Advisor

                

                

                    
                

            

        

    

    

        

          

               USA - +1 972 370 3060    
          

          

          

               IND - +91 905 294 3388    
          

        

    

    






    

        

            

                

                    
Drop us a Query