Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free CyberArk PAM-SEN Practice Exam with Questions & Answers | Set: 2

Questions 11

What is the name of the account used to establish the initial RDP session from the end user client machine to the PSM server?

Options:
A.

PSMConnect

B.

PSMAdminConnect

C.

PSM

D.

The credentials the end user retrieved from the vault

CyberArk PAM-SEN Premium Access
Questions 12

You need to add a new PSM server to an existing CyberArk environment.

What is the best way to determine the sizing of this server?

Options:
A.

Review the “Recommended Server Specifications” for PSMs in the CyberArk Documents website. Most Voted

B.

Use the specifications of any existing PSM and request a server of the same size.

C.

Use the CyberArk Support Knowledgebase, search for “PSM Sizing” and locate the Knowledgebase article related to sizing.

D.

Refer to the Microsoft Windows website, determine the minimum specifications required for the Operating System you are installing, and then add 4 Gb of RAM and 20 GB of disk.

Questions 13

Which statement is correct about CPM behavior in a distributed Vault environment?

Options:
A.

CPMs should only access the primary Vault. When it is unavailable, CPM cannot access any Vault until another Vault is promoted as the new primary Vault.

B.

CPMs should access only the satellite Vaults.

C.

CPMs should only access the primary Vault. When it is unavailable, CPM cannot access any Vault until the original primary Vault is operational again.

D.

CPM should access all Vaults - primary and the satellite.

Questions 14

What is required before the first CPM can be installed?

Options:
A.

The environment must have at least one Vault and one PVWA installed.

B.

The Vault environment must have at least one account stored in a safe.

C.

Custom platforms must be downloaded from the CyberArk Marketplace.

D.

The PSM component must be installed and proper functionality validated.

Questions 15

When SAML authentication is used to sign in to the PVWA, which service performs the actual authentication?

Options:
A.

Active Directory (AD)

B.

Identity Provider (IdP) Most Voted

C.

Service Provider (SP)

D.

CyberArk Password Vault Web Access (PVWA)

Questions 16

Which parameter must be identical for both the Identity Provider (IdP) and the PVWA?

Options:
A.

IdP “EntityID” and “PartnerIdentityProvider Name” in PVWA saml.config file

B.

IdP “User name” and “SingleSignOnServiceUrl” in PVWA saml.config file

C.

IdP “Audience” and “ServiceProviderName” in the PVWA saml.config file

D.

IdP “Secure hash algorithm” and “Certificate” in the PVWA saml.config file

Questions 17

What are the operating system prerequisites for installing CPM? Select all that apply.

Options:
A.

NET 3.51 Framework Feature

B.

Web Services Role

C.

Remote Desktop Services Role

D.

Windows 2008 R2 or higher.

Questions 18

Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? Choose all that apply

Options:
A.

Store the CD in a physical safe and mount the CD every time vault maintenance is performed.

B.

Copy the contents of the CD to the System Safe on the vault

C.

Copy the contents of the CD to a folder on the vault server and secure it with NTFS permissions.

D.

Store the server key in a Hardware Security Module.

E.

Store the server key in the Provider cache

Questions 19

Which file must you edit to ensure the PSM for SSH server is not hardened automatically after installation?

Options:
A.

vault.ini

B.

user.cred

C.

psmpparms

D.

psmgw.config

Questions 20

To enable LDAP over SSL for a Vault when DNS lookups are blocked, which step must be completed?

Options:
A.

Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server. Most Voted

B.

Configure an AllowNonStandardFWAddresses rule in DBParm.ini on the Vault to allow outbound TCP 53 to the organization’s DNS servers.

C.

Ensure LDAP hosts added to the directory mapping configuration are defined using only IP addresses.

D.

Set the ReferralsDNSLookup parameter value to “No” in the directory configuration.

Exam Code: PAM-SEN
Certification Provider: CyberArk
Exam Name: CyberArk Sentry PAM
Last Update: Jul 17, 2025
Questions: 136

CyberArk Related Exams

How to pass CyberArk CPC-SEN - CyberArk Sentry - Privilege Cloud Exam
PAM-DEF - CyberArk Defender - PAM
CAU305 - CyberArk CDE Recertification
ACCESS-CDE-RECERT - CyberArk CDE-ACCESS Recertification
EPM-CDE-RECERT - CyberArk CDE-EPM Recertification
CAU302 - CyberArk Defender + Sentry
CAU310 - CyberArk Endpoint Privilege Manager Exam
GUARD - CyberArk Guardian Exam
PAM-CDE-RECERT - CyberArk CDE Recertification
CAU401 - CyberArk EPM Certification Exam
ACCESS-DEF - CyberArk Defender Access
EPM-DEF - CyberArk Defender - EPM
SECRET-CDE-RECERT - CyberArk CDE-SECRET Recertification
CPC-CDE-RECERT - CyberArk CDE-CPC Recertification
SECRET-SEN - CyberArk Sentry Secrets Manager
CyberArk Free Access
Get CyberArk Full Access

CyberArk Free Exams
CyberArk Free Exams
Prepare effectively for CyberArk certification exams with free study resources and practice tests from Examstrack.