CyberArk Interview Questions and Answers
by Mohammed, on May 18, 2018 3:51:56 PM
Q1. What is CyberArk?
Ans: CyberArk is an information security company offering Privileged Account Security. The company’s technology is utilized primarily in the financial services, energy, retail and healthcare markets.
Q2. What is CyberArk viewfinity?
Ans: CyberArk Viewfinity with enhanced protection is now CyberArk Endpoint Privilege Manager. Enforcing privilege security on the endpoint is a fundamental part of your security program.
Q3. What Are The Primary Functions Of Cyberark?
Ans: CyberArk Enterprise Password Vault, an element of the CyberArk Privileged Account Security Solution, has been designed to discover, secure, rotate and control access to confidential account passwords used to access any system throughout the organization in its Information Technology environment.
Q4. What is identity and access management?
Ans: Identity management, also known as identity and access management (IAM) is, in computer security, the security and business discipline that “enables the right individuals to access the right resources at the right times and for the right reasons”.
Q5. What is viewfinity used for?
Ans: Viewfinity is a suite of integrated management tools that simplify the processes involved in privilege management, enabling administrators to more effectively protect PCs from unauthorized use and providing granular control over who can do what on servers and endpoints across the enterprise.
Q6. How Does Its Security Work?
Ans: CyberArk Digital Vault, also known as the Enterprise Password Vault (EPV) uses multiple layers of encryption to provide maximum security for contents of each and every single safe. Each file within a safe is encrypted with a unique file encryption key and are stored within the safe and encrypted with a different safe encryption key which is unique to the safe. The safe encryption keys are then stored within the vault and are encrypted with a unique vault encryption key. All of these keys are delivered only to those users who have the appropriate access rights. Administrators classify access to safes and data within the safes so that users must be manually confirmed by a Safe Supervisor before they can access the safe along with its contents.
Q7. What Do You Understand By Privileged Account Security?
Ans: Privileged identity management (PIM) is a field which focuses on the special requirements of influential and powerful accounts within the IT infrastructure of an organization.
Q8. To create a PIM policy, what need to be done?
Ans: We should Create CPM Policy, PIM Policy, and Create a PSM connection component & enable the PSM if needed.
Q9. What is BYOC?
Ans: Bring Your Own Client.
Q10. What CyberArk’s modules responsible for recording session?
Q11. How Many Times We Can Increase The Access To Wrong Password Count?
Ans: Maximum 99 times only.
Q12. What Should A Specific User Have To Get Access To A Specific Safe?
Ans: A specific user must have the safe ownership to get access to the specific safe.
Q13. If CyberArk vault user changed his Active Directory password what will happened with his CyberArk account
Ans: Nothing will happen, If CyberArk uses LDAP authentication
Q14. Which Component used on all Cyberark solutions?
Ans: CyberArk Vault
Q15. What are capabilities of PSM for SSH?
Ans: PSM for SSH has the capability of Video recording, Command recording.
Q16. What CyberArk PSM has web form capability means?
Ans: CyberArk PSM has web form capability means, With a set of conditions, PSM connector can be integrated into web based application. By default PSM web capability only covers html login page with form id, input form for user/password and button name attribute
Q17. What are the steps required to register a privilege account to CyberArk PIMS using PVWA?
Ans: Inorder to register to a priviliege accout we need to:
- Create safe & define safe owner
- Create PIM Policy
- Create CPM & PSM Policy
- Add account with its properties (username, password, address etc)
Q18. What are the CyberArk Vault protection layers
Ans: Following are the CyberArk Vault Protection Layers:
- Firewall & Code-Data Isolation
- Encryted Network Communication & Visual Security Audit Trail
- Strong Authentication & Granular Access Control
- File Encryption & Dual Control Security
Q19. What you need to have to enable auto password reconciliation policy?
Ans: Following should enable for auto password reconciliation policy in cyberark:
- Enable Password reconciliation for specific policy
- Additional account on target server with sufficient rights
- Automatic password verification shoud enable
- Enable password reconciliation when password is unsync
Q20. What are User Directories that are supported by CyberArk?
Ans: User Directories that support CyberArk are:
- Active Directory
- Oracle Internet Directory
- Novell eDirectory
- IBM Tivoli DS
Q21. How CyberArk Vault can be managed?
Ans: CyberArk Vault can be managed using PrivateArk Client, PrivateArk Web Client, and Private Vault Web Access.
Q22. What are Authentication schemes supported by CyberArk Vault?
Ans: Here are teh authentication schemes that are suppored by CyberArk vault – LDAP, Radius, PKI.