ExamTopics Logo
Mail Us[email protected]
Menu
Cyberark Discussions
exam questions

Exam PAM-SEN All Questions

View all questions & answers for the PAM-SEN exam
Go to Exam

Exam PAM-SEN topic 1 question 82 discussion

Actual exam question from CyberArk's PAM-SEN
Question #: 82
Topic #: 1
[All PAM-SEN Questions]

What is the recommended method to determine if a PVWA is unavailable and should be disabled in a load balancing pool?

  • A. Monitor Port 443 on the PVWA server
  • B. Monitor Port 1858 on the PVWA server
  • C. Ping the PVWA server
  • D. Monitor Port 3389 on the PVWA server
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Cavdog at Sept. 9, 2023, 3:59 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
f4ee4dc
1 week ago
Selected Answer: A
Should be A, because it tests the communication User -> PVWA. Testing PVWA <--> Vault via 1858 is nonsense in my eyes. Yes, when the vault is down, 443 will be reachable while the user can not login (fields are missing). But in this case it is the vault alerting that should figure out that there might be a problem.
upvoted 1 times
...
8218179
1 year, 5 months ago
i think correct answer is A. https://www.reddit.com/r/CyberARk/comments/vkt3xb/pvwa_load_balancin_poll/
upvoted 3 times
...
Cavdog
1 year, 9 months ago
Selected Answer: B
Unable to find a specific reference for CyberArk’s “recommendation” however traffic to the PVWA (IIS) over port 443 (SSL) will return a 200 status indicating it is still available even if it can’t talk to the vault preventing users from being able to authenticate. If instead port 1858 (e.g. https://<PVWA>/PasswordVault/api/settings/authentication) is monitored this will prevent the NLB directing users to PVWAs when they can’t talk to the vault. Therefore I’m inclined to think that B. is the best answer. https://www.reddit.com/r/CyberARk/comments/f2x60v/f5_health_check/ https://timschindler.blog/application-health-checking-and-load-balancing-cyberark-privileged-vault-web-access-with-haproxy#heading-setting-up-haproxy:~:text=Even%20without%20a%20connection%20to%20the%20Vault%20the%20PVWA%20still%20loads
upvoted 3 times
bitcorso
11 months, 1 week ago
So, you mean A. Monitor Port 443 on the PVWA server
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel