Free Practice Questions for CyberArk Sentry Certification – Modern PAM Certification

- Identify and describe Privilege Cloud main capabilities. - Identify and describe Privilege Cloud architecture at a basic level. - Identify and describe customer components - Identify and describe backend components. - Identify and describe CyberArk Identity Security Platform Shared Services. - identify the 3 phases of Privilege Cloud implementation and the purposes of each phase. - Identify and describe Discovery and Initiation steps. - Use Privilege Cloud Account Discovery. - Identify and describe Definition and Planning steps. - Identify and describe Launch and Execution steps. - Describe pre-deployment, environmental, and network considerations. - Identify and describe solution design components. - Identify and describe methods to provision accounts. - Describe Privileged Session Manager (PSM) and connector requirements, e.g., system, sizing. (expand on sub-objectives) - Compare and contrast PSM and modern SIA connection methods. - Identify and describe CPM considerations. - Identify and describe PSM for SSH (PSMP) considerations (different from PSM.) - Identify and describe connector considerations.

- Identify and describe the Privilege Cloud deployment workflow. - Configure TLS certificates for secure communication within the architecture. - Prepare the environment. - Identify and describe security fundamentals, including BYOK and SIEM. - Identify and describe system and network requirements. - Add system users and roles. - Describe the different ways to add users. - Describe the procedure to configure MFA for all users. - Assign roles to users and invite them to access services. - Define and manage organizational networks and connector pools. - Describe how to create connector pools. - Describe how to assign networks and endpoints to connector pools. - Deploy, maintain, and upgrade connectors. - Identify and describe connector deployment tools. - Identify and describe installation considerations, such as security and hardening, CPM, high availability, and disaster recovery. - Describe how to add a connector management agent. - Describe the Connector Management Service and how to perform various connector management and monitoring actions. - Describe how to install Privilege Cloud Connectors, including installing the connector management agent and the Identity Connector Agent. - Describe how to install, configure, and troubleshoot Privilege Cloud CPM and PSM components. - Describe how to install, configure, and troubleshoot the SIA connector. - Describe how to install, configure, and troubleshoot Secure Tunnel and SIEM integration. - Set up and sign in with Shared Services. - Collect setup details and sign in to the ISPSS user portal. - Describe how to set the Installeruser password. - Identify and describe functions that can be performed in the ISPSS user information area. - Describe how to deploy SIA and PSM for SSH. - Identify and describe the requirements for SCIM integration and SIEM integrations. - Perform system tracking and monitoring. - Check CyberArk services status. - Check component services (CPM, PSM) status. - Install and configure the Privilege Cloud connector on designated servers.

- Set the Master policy. - Configure and manage exceptions to the Master Policy. - Create and manage safes. - Manage safe access. - Create platforms, including duplication and import methods. - Manage the lifecycle of privileged accounts. - Change account details, such as change account password (CPM and Vault only), reconcile a vaulted account password. - Troubleshoot the account. - Remove accounts. - Verify an account. - Add and configure a reconciliation account. - Disable/enable account management (CPM Management Disabled by User). - Describe how to scan for accounts and add onboarding rules. - Manage privileged sessions (turn PSM on and off). - Generate and manage reports. - Identify and describe the steps to enable MFA Caching for PSM for SSH. - Describe how to customize notifications. - Describe vendor PAM management roles and functions. - Describe required permissions and methods to invite users/vendors for Vendor PAM. - Configure password complexity. - Review audit and recordings. - Configure dual control and approval workflows. - Troubleshoot password rotation issues. - Manage Audits. - Set up access control mechanisms. - Configure session recording and audits. - Implement and maintain credential rotation schedules for both online and offline (Loosely Connected Devices) systems. - Define policies for secure access to vaulted credentials. - Demonstrate how to rotate credentials for database, Linux, and Windows systems. - Configure policy-based access to Windows, Linux, and database systems using Privilege Cloud. - Manage/troubleshoot session management features, such as live monitoring, session termination, and playback.

- Retrieve accounts and passwords. - Connect to a target device, including all SIA, PSM, and PSM for SSH sessions. - Connect when Privilege Cloud is unavailable.

- Describe the use of the MFA SSA Cache Key. - Use the Plugin Generator Utility to create the PSM connector. - Describe the process and prompts concepts for CPM SSH plugins.

- Access and review audit logs and recorded sessions. - Search for video recordings. - Download, share, and play videos. - Monitor active sessions. - Analyze session recordings to detect suspicious behavior or policy breaches.