AllowNonStandardFWAddresses Firewall Exception Syntax - answer-AllowNonStandardFWAddresses=[HSM-IP],Yes,1024:inbound/tcp,1024:outbound/tcp
Syntax Command CAVaultManager uses to store a secret - answer-CAVaultM /SecretType HSM /Secret password
Syntax command to install a server key to an HSM d...
Syntax Command CAVaultManager uses to store a secret - answer-
CAVaultManager.exe /SecretType HSM /Secret password
Syntax command to install a server key to an HSM device using
CAVaultManager - answer-CaVaultManager.exe LoadServerKeyToHSM
Syntax command to re-generate a key on the HSM where the new value is
unknown to the operator - answer-CAVaultManager.exe
GenerateKeyOnHSM /ServerKey.
Then, ChangeServerKeys.exe
Any changes made to the DBParms.ini configuration file require a _________ -
answer-reboot
What should you do to complete a post-install hardening of the Vault? -
answer-1.) Identify appropriate services are started.
2.) Check that firewall exceptions have been made in the DBParms.ini file.
3.) Ensure the server key is running successfully on the HSM.
4.) Ensure the Operator disk is correctly secured with NTFS permissions.
Steps to complete a Vault installation - answer-1.) Check that the server
rebooted properly
2.) Ensure that the ITALog displays the following message: ITAFW001I
Firewall is open for client communication"
3.) Ensure the three safes: System, VaultInternal, Notification Engine were
created.
4.) Ensure the 6 services were installed and started. (Later flash card)
5.) Test master login
6.) Network Areas should be configured to only allow connections from the
planned IP addresses for CyberArk Components
What 6 services are installed and started after installing the Vault? - answer-
1.) Cyber-Ark Event Notification Engine
2.) Cyber-Ark Hardened Windows Firewall
3.) CyberArk Logic Container
4.) PrivateArk Database
5.) PrivateArk Remote Control Agent
6.) PrivateArk Server
, How do you prepare a Windows server for Vault installation? - answer-1.)
Ensure it meets the minimum requirements for CyberArk.
2.) Ensure the server is of type Workstation and has never been connected
to a domain.
3.) Load installation files into the server.
4.) Disable all network components aside from IPv4 and optionally IPv6.
4.) Disable DNS lookup and LMHosts lookup for WINS. Disable NetBios as
well.
Four Stages of PVWA Installation - answer-1.) Pre-Installation Tasks
2.) Installation
3.) Post-Install Tasks
4.) Hardening
PVWA Pre-Installation Tasks - answer-1.) Review Requirements
2.) Close Applications and Log On
3.) Run Prerequisites Script
PVWA Installation Tasks - answer-1.) Run the PVWA Installation Script
2.) Registration (Connecting to the Vault)
PVWA Post-Installation Tasks - answer-1.) Check Installation Log Files
2.) Check User Permissions on Web Server
3.) Add Restrictions to Credential Files
4.) Set API Throttling
PVWA Hardening Tasks - answer-1.) Run Hardening Script
2.) Apply Post Hardening Configurations
3.) *Harden server in a Domain environment
*Only perform this task if your PVWA server is part of a domain
What VAULT permissions are needed to perform integration for the PVWA? -
answer-- Add Safes
- Add/Update Users
- Activate Users
- Manage Server File Categories
- Audit Users
The user performing the installation must have the following Safe
Permissions with ownership of the VaultInternal and Notification Engine
safes. - answer-- List Files
- Retrieve Files
- Manage Safe
- Manage Safe Owners
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TOPDOCTOR. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.
