Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. CyberArk
  3. Defender
  4. EPM-DEF
  5. CyberArk Defender - EPM Questions and Answers

Pass the CyberArk Defender EPM-DEF Questions and answers with ValidTests

Exam EPM-DEF All Questions
Exam EPM-DEF Premium Access

View all detail and faqs for the EPM-DEF exam

Go to Exam
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

What feature is designed to exclude applications from CyberArk EPM's Ransomware Protection, without whitelisting the application launch?

Options:

A.

Trusted Sources

B.

Authorized Applications (Ransomware Protection)

C.

Threat Intelligence

D.

Policy Recommendations

Expert Solution
Questions # 2:

In EPM, creation of which user type is required to use SAML?

Options:

A.

Local CyberArk EPM User

B.

AD User

C.

SQL User

D.

Azure AD User

Expert Solution
Questions # 3:

An application has been identified by the LSASS Credentials Harvesting Module.

What is the recommended approach to excluding the application?

Options:

A.

In Agent Configurations, add the application to the Threat Protection Exclusions

B.

Add the application to the Files to be Ignored Always in Agent Configurations.

C.

Exclude the application within the LSASS Credentials Harvesting module.

D.

Add the application to an Advanced Policy or Application Group with an Elevate policy action.

Expert Solution
Questions # 4:

When adding the EPM agent to a pre-existing security stack on workstation, what two steps are CyberArk recommendations. (Choose two.)

Options:

A.

Add any pre-existing security application to the Files to Be Ignored Always.

B.

Add EPM agent to the other security tools exclusions.

C.

EPM agent should never be run with any other security tools.

D.

Create new advanced policies for each security tool.

Expert Solution
Questions # 5:

When deploying EPM and in the Privilege Management phase what is the purpose of Discovery?

Options:

A.

To identify all non-administrative events

B.

To identify all administrative level events

C.

To identify both administrative and non-administrative level events

D.

To identify non-administrative threats

Expert Solution
Questions # 6:

Which EPM reporting tool provides a comprehensive view of threat detection activity?

Options:

A.

Threat Detection Dashboard

B.

Detected Threats

C.

Threat Detection Events

D.

McAfee ePO Reports

Expert Solution
Questions # 7:

A policy needs to be created to block particular applications for a specific user group. Based on CyberArk's policy naming best practices, what should be included in the policy's name?

Options:

A.

Policy creation date

B.

Target use group

C.

Creator of the policy

D.

The policy's Set name

Expert Solution
Questions # 8:

Match the Trusted Source to its correct definition:

Question # 8

Options:

Expert Solution
Questions # 9:

When enabling Threat Protection policies, what should an EPM Administrator consider? (Choose two.)

Options:

A.

Some Threat Protection policies are applicable only for Windows Servers as opposed to Workstations.

B.

Certain Threat Protection policies apply for specific applications not found on all machines

C.

Threat Protection policies requires an additional agent to be installed.

D.

Threat Protection features are not available in all regions.

Expert Solution
Questions # 10:

An EPM Administrator would like to notify end users whenever the Elevate policy is granting users elevation for their applications. Where should the EPM Administrator go to enable the end-user dialog?

Options:

A.

End-user UI in the left panel of the console

B.

Advanced, Agent Configurations

C.

Default Policies

D.

End-User UI within the policy

Expert Solution
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions