CyberArk CDE-CPC Recertification 온라인 연습
최종 업데이트 시간: 2026년06월29일
당신은 온라인 연습 문제를 통해 CyberArk CPC-CDE-RECERT 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 CPC-CDE-RECERT 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 99개의 시험 문제와 답을 포함하십시오.
정답:
정답:
Explanation:
The basic network requirements to deploy a CyberArk Privilege Management Central Policy Manager (CPM) server include Port 1858 to the Privilege Cloud Vault service backend and Port 443 to the Privilege Cloud Portal. Port 1858 is necessary for communication with the CyberArk Vault, facilitating essential interactions like password retrieval and updates. Port 443 is required for secure web traffic to and from the Privilege Cloud Portal, ensuring that all management tasks performed through the web interface are secure and encrypted. These ports must be properly configured to allow for the efficient and secure operation of the CPM within the Privilege Cloud infrastructure.
정답:
Explanation:
On CyberArk Privilege Cloud, updating users' permissions on safes can be done through the Privilege Cloud Portal and the REST API. The Privilege Cloud Portal provides a user-friendly graphical interface where administrators can manage user permissions directly within the portal's safe management settings. Additionally, the REST API offers a programmable way to automate permission updates across safes, which is especially useful for bulk changes or integrating with other management tools. Both methods provide effective means to manage and customize access controls in a CyberArk environment, allowing for detailed permission settings per user on specific safes.
정답: B
Explanation:
The correct description of the authentication differences between CyberArk Privilege Cloud and CyberArk PAM Self-Hosted is that CyberArk Privilege Cloud uses cloud-based methods, integrating with CyberArk Identity for Multi-Factor Authentication (MFA), and supports SAML and OIDC, while CyberArk PAM Self-Hosted relies on on-premises methods such as RADIUS and LDAP, but can adopt SAML or OIDC with additional setups. CyberArk Privilege Cloud is designed to leverage modern cloud-based authentication protocols to enhance security and ease of use, particularly in distributed and diverse IT environments. In contrast, CyberArk PAM Self-Hosted offers flexibility to use traditional on-premises authentication methods but also supports modern protocols if configured to do so.
정답:
Explanation:
The correct statement about using the AllowedSafes platform parameter is that it prevents the Central Policy Manager (CPM) from scanning all safes, restricting it to scan only safes that match the AllowedSafes configuration. This parameter is crucial in large-scale deployments where efficiency and resource management are key. By specifying which safes the CPM should manage, unnecessary scanning of irrelevant safes is avoided, thus optimizing the CPM's performance and reducing the load on the CyberArk environment. This configuration can be found in the platform management section of the CyberArk documentation.
정답:
Explanation:
For LDAP integration with CyberArk Privilege Cloud Standard, the correct statement is that only the Issuing CA certificate is required for certificate trust to your directory server. This setup simplifies the process of establishing a trusted connection between CyberArk and the LDAP server by necessitating only the certification of the issuing Certificate Authority (CA), rather than needing multiple certificates from different levels of the trust chain. This approach ensures that the SSL/TLS communication between CyberArk and the LDAP server is secured based on the trust of the issuing CA’s certificate.

정답: 
Explanation:
1-Run the Connector Management Connector installer
2-Install the CPM and PSM
3-When you are prompted to select the components to install, select CPM.
4-When you are prompted to select the CPM mode, select Passive.
https://docs.cyberark.com/ispss-deployment/latest/en/content/privilege%20cloud/privcloud-cpm-dr-install-config.htm
정답:
Explanation:
In large-scale environments, to enable the Central Policy Manager (CPM) to focus its search operations on specific Safes instead of scanning all Safes it sees in the Vault, the AllowedSafes parameter on each platform policy is used. This parameter can be configured within the platform settings in the CyberArk administration interface. By specifying safes in the AllowedSafes parameter, the CPM will only manage credentials within those designated safes, thereby optimizing performance and managing resources more efficiently by not scanning unnecessary safes. This setting is crucial for large environments where the CPM needs to be as efficient as possible due to the volume of managed accounts.
정답:
Explanation:
https://docs.cyberark.com/privilege-cloud-standard/latest/en/content/pas%20inst/cpm-hardening-task-descriptions.htm?Highlight=cpm%20hardening%20accounts#AddsuserstoLocalgrouppolicySecuritysettings
정답:
Explanation:
https://docs.cyberark.com/privilege-cloud-standard/Latest/en/Content/Security/PSM-hardening-configuration.htm?Highlight=disable%20support%20for%20browsers
정답:
정답:
Explanation:
For large implementations of CyberArk Privilege Cloud Connectors in AWS and Azure environments, each connector can handle between 31-60 concurrent RDP/SSH sessions. This capacity is specified in the CyberArk documentation concerning Privilege Cloud Connectors and their scalability options. It is designed to support a higher volume of concurrent sessions to meet the needs of larger enterprise environments, ensuring that multiple users can securely access resources without significant performance degradation.
정답:
Explanation:
To allow a PSM Universal Connector executable to run on the PSM after the hardening process, you should update the PSMConfigureAppLocker.xml file. This file configures AppLocker, which is a feature that controls which apps and files users can run on a system. Including the necessary executable in the PSMConfigureAppLocker.xml ensures it is whitelisted by AppLocker policies, thus permitted to execute even under the hardened security settings of the PSM environment. References to this configuration can be found in the CyberArk Privilege Session Manager implementation documentation, specifically in sections detailing customization and security hardening of environment configurations.
정답:
Explanation:
For PSM Web Connectors developed using the CyberArk Plugin Generator Utility (PGU), the supported browser is Google Chrome. This is because the PGU is designed to create plugins that are most compatible with Chrome's web technologies and security frameworks. Chrome is generally recommended by CyberArk for its up-to-date security features and extensive support for web applications. This is further supported by the CyberArk documentation on the Plugin Generator Utility, which specifies browser compatibility and the optimal environment for deploying web connectors.
정답:
Explanation:
For retrieving the LDAPS certificate when not using the CyberArk provided LDAPS certificate tool, the supported certificate format is .der. The DER (Distinguished Encoding Rules) format is a binary form of a certificate rather than the ASCII PEM format. This format is widely supported across various systems for securing LDAP connections by providing a mechanism for LDAP servers to authenticate themselves to users. This information can be verified by checking LDAP configuration guides and CyberArk's secure implementation documentation which outline supported certificate formats for LDAP integrations.