CyberArk ACCESS-DEF Exam Practice Test Instant Access

Question 1

Your organization wants to implement passwordless authentication for business critical web applications. CyberArk Identity manages access to these applications.

What can you do to facilitate the enforcement of this passwordless authentication initiative? (Choose two.)

AConfigure a certificate-based authentication policy in CyberArk Identity that only allows access to CyberArk Identity or the business critical web applications.

BSend an email to the affected users and get them to renew their authentication token(s).

CRoll out the CyberArk Windows Cloud Agent to the affected endpoints.

DRefresh the endpoint operating system and define the new authentication method.

ERoll out Secure Web Sessions to the applicable users.

Answer : A, C

Question 2

When configuring an application to use the App Gateway, you do not have to change any configurations in the application directly. You enable the application for App Gateway access in the Admin Portal and input the existing URL that users enter to open the application. You can either use an external URL that CyberArk Identity automatically generates, or you can continue using an existing internal URL.

What is a disadvantage of using an existing internal URL for App Gateway connections?

AExisting links and bookmarks do not work outside of the corporate network.

BUsers must use different URLs depending on whether they access the application internally or externally.

CMore configuration is needed because you must upload the URL certificate and private key, and edit DNS settings.

DUsers must use the same URLs regardless of whether they access the application internally or externally and this may confuse them.

Answer : C

Question 3

Which predefined roles does CyberArk Identity provide?

ASystem Administrator and Everybody

BManage Users and Everybody

CSystem Administrator and Business Users

DManage Users and Business Users

Answer : A

Question 4

CyberArk Identity's App Gateway can be used to protect and access which option?

Aon-premises Oracle web app

Bcloud-hosted Salesforce environment

Ca corporate laptop

Da web browser

Answer : A

Question 5

What is considered an "Identity Provider Initiated" login to an application?

AAfter signing in to the CyberArk Identity portal, a user launches a SAML app by clicking an app tile.

BAfter visiting a third-party web app, a user is redirected to CyberArk Identity for authentication.

CA user visits a third party web app directly and signs in with local credentials.

DA user signs in to the CyberArk Identity portal and takes a screenshot of the portal to send to IT.

Answer : A

Question 6

An organization previously allowed users to add their personal apps on the Identity User Portal. This will soon be disabled due to policy changes.

What is the impact to the users for personal apps previously added to the User Portal?

AThey will continue to function normally; however, users cannot add new apps.

BThey will continue to display on the Apps screen and user devices; however, they will be greyed out and unavailable for any form of interaction.

CThey will be deleted from the Apps screen and user devices.

DThey will continue to display on the Apps screen and user devices; however, an error message will display when users try to open the application.

Answer : D

Question 7

Refer to the exhibit.

Within the "Allow user notifications on multiple devices", if you leave the setting as Default (--), what happens if a user triggers a MFA Push notification and has enrolled three different devices?

AThe push notification will be sent to none of the enrolled devices.

BThe push notification will be sent to the first enrolled device only.

CThe push notification will be sent to all enrolled devices.

DThe push notification will be sent to the last enrolled device only.

Answer : B

CyberArk ACCESS-DEF CyberArk Defender Access Exam Practice Test