13-12-2022

SHABIKA V
shabikasr474@gmail.com

QUIZ - 2

1. State the reason why we do not join CyberArk vault server to domain?
CyberArk vault server must be well protected from any kind of attack. As it is the core or heart of
the CyberArk it stores the privileged accounts information which must be secured. Therefore to
eliminate the risk of attack the CyberArk vault server is not connected to any domain to remain
isolated. Even in case of any attack when the domain server is compromised, the vault remains
safe and secured.

2. What is the installation order of CyberArk components before v10.7?

The installation order of CyberArk components before v10.7 are:
● Enterprise Production Vault (EPV)
● Central Policy Management (CPM)
● Password Vault Web Access (PVWA)
● Privileged Session Manager (PSA)

3. What do you mean by standalone architecture of the CyberArk vault?

Standalone is one of the 3 environments under the architecture of the vault. It consists of only
1PROD EPV(active) and 1DR EPV(standby). They communicate constantly through the
heartbeat mechanism to check if they are alive or not. Now if the Prod EPV fails, the DR EPV
comes up directly.

4. CPM uses which port for its communication with windows target server over the
network?
CPM uses the ports 443, 139 or 135 for its communication with the windows target server over
the network.

5. What are the prerequisites to be considered before installing CyberArk Vault?

Prerequisites to be considered before installing CyberArk Vault are:
1. Should prepare the Network Interface and do indirect hardening by uninstalling
unwanted network components except for the IPv4 and IPv6.
2. No DNS entries are given in order to isolate Vault to eliminate the risk of attack initiated
through compromised DNS servers.
3. Disable WINS
○ Ensure enabling LMHOSTS lookup is deselected.
○ Disable NetBIOS over TCP/IP is selected so that it's not available to every
network.

6. What is IIS and why is it required?

IIS manager is abbreviated as Internet Information Service manager or is also known as the
Web server. This feature should be enabled during the installation of PVWA for gaining the
PVWA URL to work as it is important to communicate between Web client and Web server.

7. What is DR replication?
It is the process where the data being recorded in either in video(.avi) or text(.txt) format will be
continuously replicated or backed up from the Prod EPV to DR EPV in real time. Usually the
recordings in PSM are stored temporarily and are permanently stored in the EPV.

The DR EPV constantly talks with the Prod EPV through the Heartbeat Mechanism asking it if
it's alive or not. If it is found out not to be alive then the DR EPV takes up as the active vault and
the Prod EPV becomes the new DR Vault.

8. When do we make use of master key in CyberArk?

Master key in CyberArk is used only during an emergency situation such as a disaster to restore
the vault server. Also in case of forgetting the administrator password we can make use of the
Master user to login and then change the administrator password.

9. Which keys comes under operator CD?

The Server key and Recovery Public Key comes under the operator CD. These keys are
required to install and start the vault servers.

10. Which is the main configuration file of disaster recovery vault?

• Dpaprm.ini
• PADR.ini
• Web.config
• Paragent.ini

11. SMTP uses which port for its communication over the network.
• 3389
• 22
• 25
• 636

12. PSM recordings gets saved temporarily in PSM server.

• True
• False

13. Safe naming convention should be less than 28 characters.

• True
• False

14. In order to avoid conflicts with the hardening process, third party applications like
antivirus & backup agents should be installed on the vault server.
• True
• False

15. Which is the file below to get the location of the safes directory?
• Dbparm.ini
• Passparm.ini
• Paragent.ini
• Tsparm.ini