ExamTopics Logo
Mail Us[email protected]
Menu
Cyberark Discussions
exam questions

Exam PAM-SEN All Questions

View all questions & answers for the PAM-SEN exam
Go to Exam

Exam PAM-SEN topic 1 question 21 discussion

Actual exam question from CyberArk's PAM-SEN
Question #: 21
Topic #: 1
[All PAM-SEN Questions]

Your customer upgraded recently to version 12.2 to allow the Linux team to use the new MFA caching feature. The PSM for SSH was installed with default configuration settings. After setting the Authentication to SSH key and enabling MFA Caching from the PVWA interface, the Linux Team cannot connect successfully using the new MFA caching feature.
What is the most probable cause?

  • A. OpenSSH 7.8 or above is not installed.
  • B. The MFACaching parameter in the psmpparms file is not set to True.
  • C. A passphrase policy must be added.
  • D. MFA caching is not supported when the PSM for SSH is deployed with default settings.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by penuelaandy at March 14, 2023, 9:24 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
penuelaandy
Highly Voted 1 year, 1 month ago
Selected Answer: A
Sorry. Option A is correct. Because the question say PSM for SSH is installed with default configuration, so staring from version 12.0, the default installation mode of PSM for SSH is set to Integrated (InstallCyberArkSSHD = Integrated). To use MFA caching in Integrated mode ( InstallCyberArkSSHD=Integrated), OpenSSH 7.8 and above is required on the PSM for SSH machine. https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/12.2/en/Content/PASIMP/MFA-Caching.htm?searchString=&from=0&sortby=_score&orderBy=desc&pageNo=1&aggregations=%5B%5D&uid=0d99d231-d8b2-11ea-8f5c-0242ac120009&resultsPerPage=10&exactPhrase=&withOneOrMore=&withoutTheWords=&pageSize=10&language=en&state=1&suCaseCreate=false#:~:text=To%20use%20MFA%20caching%20in%20Integrated%20mode%20(%20InstallCyberArkSSHD%3DIntegrated)%2C%20OpenSSH%207.8%20and%20above%20is%20required%20on%20the%20PSM%20for%20SSH%20machine.
upvoted 9 times
penuelaandy
1 year, 1 month ago
B. The MFACaching parameter in the psmpparms file is not set to True. INVALID. Because that parameter doesn't exist. C. A passphrase policy must be added. INVALID Because passphrase policy is needed if you enable passphrase to greater security. But you can use MFACaching without passphrase. D. MFA caching is not supported when the PSM for SSH is deployed with default settings. INVALID. Because the question say MFACaching was enabled.
upvoted 5 times
...
...
Cavdog
Most Recent 8 months ago
Selected Answer: A
This one is also a bit tricky in the sense that the default settings have MFA Caching disabled which would make either B. or D. correct however it specifically states that it was enabled via the PVWA and there is no MFACaching parameter in psmparms so that leaves the prerequisite for OpenSSH 7.8+ as the only reasonable cause. https://docs.cyberark.com/PAS/Latest/en/Content/PASIMP/MFA-Caching.htm#:~:text=OpenSSH%207.8%20and%20above%20is%20required%20on%20the%20PSM%20for%20SSH%20machine
upvoted 3 times
...
Fabri59
11 months, 2 weeks ago
Selected Answer: A
The answer is A. https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/12.6/en/Content/PAS%20Cloud/ChangeServerKeys-cloud.htm?tocpath=Installation%7CInstall%20Privileged%20Access%20Manager%20-%20Self-Hosted%C2%A0in%20a%20cloud%20environment%7CInstall%20the%20Digital%20Vault%20on%20the%20cloud%7C_____14
upvoted 3 times
...
penuelaandy
1 year, 1 month ago
Selected Answer: C
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/MFA-Caching.htm#Addapassphrasepolicy
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago