A financial services company is deploying a distributed CyberArk PAS environment with a Primary Vault in New York and a Satellite Vault in London. During a network outage, the London PSM servers lose connectivity to the Primary Vault but can still communicate with the London Satellite Vault. What is the expected behavior for privileged sessions initiated from London during this outage?
A security architect is designing the firewall rules for a new CyberArk deployment. To ensure proper communication for session recording uploads and other critical functions, which component requires persistent, stateful connectivity to the Vault server on port 1858?
During a security audit, it was discovered that a Master Policy exception was created to allow a group of developers to view passwords directly without requiring a reason. To comply with a new Zero Trust policy, all password retrievals must be justified and approved. Which TWO actions are required to enforce this policy for the developer group? (Select TWO)
True or False: The 'CreateCredFile' utility can be used to create credential files for all CyberArk components, including the Vault service user (master user).
A large retail company needs to onboard thousands of local administrator accounts from their point-of-sale (POS) systems into CyberArk. The accounts follow a standard naming convention but exist across multiple network segments. A full network scan is not feasible due to performance concerns. Which onboarding method provides the most efficient and targeted approach?
An administrator is attempting to troubleshoot a failing PSM-RDP connection. The user receives a generic PSM error message: "PSMSR126E Failure occurred while handling session." Analysis of the PSM console log reveals the error "PSMSR035E Privileged Session Manager has been terminated." What is the most likely cause of this issue?
A deployment engineer needs to harden a new Vault server according to CyberArk's security best practices. Which utility is specifically designed to automate the majority of the required post-installation security configurations on the Vault server?
A custom CPM plugin for a proprietary database is failing during the password verification step. The change process completes successfully, but the verify step fails with a generic error. The plugin uses a `PMPasswordVerification.exe` process. What is the most effective first step to diagnose the cause of the verification failure?
A security team wants to implement a policy where all privileged commands executed during a PSM for SSH session on Linux servers are captured as distinct events, in addition to the full session video recording. Which CyberArk feature must be configured to achieve this?
A compliance report requires a list of all Safes that have not had their object-level access control settings modified in the last 180 days. Which tool or interface would be most suitable for generating this specific report?