A financial services client is deploying a CyberArk PAM solution across two geographically separate data centers for disaster recovery. The primary data center hosts the active Vault, and the secondary data center hosts a passive DR Vault. The client's RPO is near-zero, and the RTO is 4 hours. The network link between the data centers is stable but has variable latency. Which Vault replication method should be implemented to meet these requirements?
During a PSM for SSH deployment, a security administrator reports that they can initiate a session to a target Linux server, but the session recording is not being created. The PSM server logs indicate a successful connection, but the session does not appear in the PVWA Monitoring tab. Which of the following configuration parameters is the most likely cause of this issue?
A consultant is developing a custom CPM plugin for a legacy mainframe application that uses a proprietary command-line interface for password changes. The password change process requires three distinct steps: logon, change password, and logoff. The consultant has created three separate scripts for these actions. How should the `Process.ini` file be configured to execute these scripts in the correct order?
A security operations center (SOC) analyst receives a high-severity alert from Privileged Threat Analytics (PTA) indicating a suspected Pass-the-Hash attack originating from a domain controller. The source is a legitimate administrator's workstation, but the activity is occurring outside of business hours. Which of the following data sources are MOST critical for PTA to accurately generate this specific type of alert? (Select TWO)
You are performing a quarterly health check of a customer's CyberArk environment. You notice that the `italog.log` file on the Vault server is growing excessively and contains repeated warnings about `ITADB323W` and `ITADB324W`. What is the MOST appropriate first step to diagnose and resolve this issue?
A global retailer is designing a new PAM architecture. They have a primary data center in North America and a secondary data center in Europe. The security policy states that privileged sessions initiated in Europe must be proxied through a local PSM server in the European data center to minimize latency and comply with data sovereignty regulations. How should this be configured? ```mermaid flowchart LR subgraph Europe User_EU[EU User] PVWA_EU[PVWA] PSM_EU[PSM Server] end subgraph North_America Vault[Active Vault] PSM_NA[PSM Server] end User_EU --> PVWA_EU PVWA_EU --> Vault PVWA_EU --> PSM_EU PSM_EU --> Target[Target System] ```
True or False: When configuring a custom connection component for a web application using the PSM Web Connector framework, the `WebFormFields` property must be manually encrypted before being placed in the connection component configuration.
A CPM is failing to reconcile a password for a local account on a Windows Server. The reconcile account is a domain admin, and network connectivity is confirmed. The logs show the error message: `CACPM344E Verifying Password Safe: , Folder: Root, Object: failed (try #1). Code: 2114, Error: The service has not been started`. What is the most likely cause of this failure?
A client has implemented PTA and is concerned about the volume of data being sent from their Domain Controllers to the PTA server. They want to ensure that only relevant security events are forwarded to minimize network bandwidth usage. What is the recommended method to achieve this?
During a failover test of a DR Vault, the `CAVaultManager` command to promote the DR Vault fails with an error indicating that replication is still active. The administrator has already stopped the PrivateArk Server service on the primary Vault. What is the most likely reason for this failure?