When deploying EPM and in the Privilege Management phase what is the purpose of Discovery?

A. To identify all non-administrative events

B. To identify all administrative level events

C. To identify both administrative and non-administrative level events

D. To identify non-administrative threats

What can you manage by using User Policies?

A. Just-In-Time endpoint access and elevation, access to removable drives, and Services access.

B. Access to Windows Services only.

C. Filesystem and registry access, access to removable drives, and Services access.

D. Just-In-Time endpoint access and elevation, access to removable drives, filesystem and registry access, Services access, and User account control monitoring.

What are Trusted sources for Windows endpoints used for?

A. Creating policies that contain trusted sources of applications.

B. Defining applications that can be used by the developers.

C. Listing all the approved application to the end users.

D. Managing groups added by recommendation.

What unauthorized change can CyberArk EPM Ransomware Protection prevent?

A. Windows Registry Keys

B. Website Data

C. Local Administrator Passwords

D. Certificates in the Certificate Store

Which of the following application options can be used when defining trusted sources?

A. Publisher, Product, Size, URL

B. Publisher, Name, Size, URI

C. Product, URL, Machine, Package

D. Product, Publisher, User/Group, Installation Package

Which of the following is CyberArk's Recommended FIRST roll out strategy?

A. Implement Application Control

B. Implement Privilege Management

C. Implement Threat Detection

D. Implement Ransomware Protection

Can the EPM Set Administrator configure Audit Dialog Pop-ups for the Record Audit Video option?

A. Yes, when Audit Video recording started, when Audit Video recording stopped, and when Audit Recording video reached size limit.

B. Yes, when Audit Video recording started, when not enough disk space to start the video recording, and when video recording is initializing.

C. Yes, when Audit Video recording started, when Audit Video recording is uploaded to the EPM server, and when audit recording cannot be initialized.

D. No, Audit Video is only available without the possibility of having End-User dialog pop- ups.

What is required to configure SAML authentication on EPM?

A. OAuth token

B. Signed Authentication Request

C. Encrypted Assertion

D. Signed SAML Response

When blocking applications, what is the recommended practice regarding the end-user UI?

A. Show a block prompt for blocked applications.

B. Show no prompts for blocked applications.

C. Hide the CyberArk EPM Agent icon in the system tray.

D. Enable the Default Deny policy.

What is the CyberArk recommended practice when deploying the EPM agent to non- persistent VDIs?

A. A separate set

B. a VDI advanced policy

C. a separate license

D. A separate computer group