New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

SECRET-SEN Questions and Answers

Question # 6

Match each use case to the appropriate Secrets Manager Solution.

Full Access
Question # 7

What is the correct process to upgrade the CCP Web Service?

A.

Run “sudo yum update aimprv” from the CLI.

B.

Double-click the Credential Provider installer executable and select upgrade.

C.

Double-click the AimWebService.msi and select upgrade.

D.

Uninstall and reinstall the CCP Web Service.

Full Access
Question # 8

Which statement is correct about this message?

Message: “[number-of-deleted-rows] rows has successfully deleted “CEADBR009D Finished vacuum”?

A.

It notes the number of records deleted from the database and does not require any action.

B.

The user specified for Conjur does not have the appropriate permissions to retrieve the audit database (audit .db).

C.

When audit retention was performed, the query on the Ul audit database (audit.db) generated an error.

D.

The Vault Conjur Synchronizer successfully deleted the password objects that were marked for deletion in the PVWA.

Full Access
Question # 9

What is a main advantage of using dual accounts in password management?

A.

Since passwords are cached for both rotation accounts, it ensures the password for an application will not be changed, reducing the amount of blackout dates when a password expires.

B.

It ensures passwords are rotated every 90 days, which respects the expected downtime for a system, database, or application

C.

It ensures no delays are incurred when the application needs credentials because a password that is currently used by an application will never be changed

D.

Since there are two active accounts, it doubles the probability that a system, database, or application will successfully authenticate.

Full Access
Question # 10

What is the correct command to import the root CA certificate into Conjur?

A.

docker exec evoke ca import – –no-restart – –root

B.

docker exec evoke import – –no-restart – –root

C.

docker exec evoke ca import – –no-restart

D.

docker exec ca import

Full Access
Question # 11

When attempting to retrieve a credential, you receive an error 401 – Malformed Authorization Token.

What is the cause of the issue?

A.

The token is not correctly encoded.

B.

The token you are trying to retrieve does not exist.

C.

The host does not have access to the credential with the current token.

D.

The credential has not been initialized.

Full Access
Question # 12

You are diagnosing this log entry:

From Conjur logs:

Given these errors, which problem is causing the breakdown?

A.

The Jenkins certificate chain is not trusted by Conjur.

B.

The Conjur certificate chain is not trusted by Jenkins.

C.

The JWT sent by Jenkins does not match the Conjur host annotations.

D.

The Jenkins certificate is malformed and will not be trusted by Conjur.

Full Access
Question # 13

You start up a Follower and try to connect to it with a REST call using the server certificate, but you get an SSL connection refused error.

What could be the problem and how should you fix it?

A.

The certificate does not contain the Follower hostname as a Subject Alternative Name (SAN). Generate a new certificate for the Follower.

B.

One of the PostgreSQL ports (5432. 1999) is blocked by the firewall Open those ports.

C.

Port 443 is blocked; open that port.

D.

The certificate is unnecessary. Use the command option to suppress SSL certificate checking.

Full Access
Question # 14

Refer to the exhibit.

How can you confirm that the Follower has a current copy of the database?

A.

Compare the pgcurrentxlog_locationlocation from the Leader to the Follower you need to validate against.

B.

Count the number of components in pgstartreplication and compare this to the total number of Followers in the deployment.

C.

Validate that the Follower container ID matches the node in the info endpoint on the Leader.

D.

Retrieve the credential from a test application on the Leader cluster; then retrieve against the Follower and compare if they are accurate.

Full Access
Question # 15

When working with Summon, what is the purpose of the secrets.yml file?

A.

It is where Summon outputs the secret value after retrieval.

B.

It is where you define which secrets to retrieve.

C.

It is where you store the Conjur URL and host API key.

D.

It is the log file for Summon.

Full Access
Question # 16

When attempting to configure a Follower, you receive the error:

Which port is the problem?

A.

5432

B.

1999

C.

443

D.

1858

Full Access
Question # 17

An application is having authentication issues when trying to securely retrieve credential’s from the Vault using the CCP webservices RESTAPI. CyberArk Support advised that further debugging should be enabled on the CCP server to output a trace file to review detailed logs to help isolate the problem.

What best describes how to enable debug for CCP?

A.

Edit web.config. change the “AIMWebServiceTrace” value, restart Windows Web Server (IIS)

B.

In the PVWA, go to the Applications tab, select the Application in question, go to Options > Logging and choose Debug.

C.

From the command line, run appprvmgr.exe update_config logging=debug.

D.

Edit the basic_appprovider.conf, change the “AIMWebServiceTrace" value, and restart the provider.

Full Access
Question # 18

What does “Line of business (LOB)” represent?

A.

a business group requiring access to secrets from the Vault/Privilege Claud to facilitate syncing accounts to Conjur

B.

the services that Conjur offers and typically refers to a group of application identities in Conjur

C.

a business group that meets a certain set of Conjur policies for entitlements and policy management

D.

the services that Conjur offers and typically refers to the list of configured and enabled authenticators in Conjur

Full Access