CPC-SEN Exam Dumps : CyberArk Sentry - Privilege Cloud

To map LDAP users from both your customer and the smaller organization they have merged with, especially when there is no network connectivity between the two infrastructures, the best approach is to:

• Deploy Identity Connectors in the newly acquired infrastructure and create user mappings (Option C). This involves setting up additional Identity Connectors within the smaller organization’s network. These connectors will facilitate the integration of user directories from both organizations into the customer’s Privilege Cloud environment.

In CyberArk Privilege Cloud, Multi-Factor Authentication (MFA) can be configured to enhance security by requiring multiple methods of authentication from independent categories of credentials to verify the user's identity. The available authentication methods include:

• Windows Authentication: Leverages the user's Windows credentials.
• PKI (Public Key Infrastructure): Utilizes certificates to authenticate.
• RADIUS (Remote Authentication Dial-In User Service): A networking protocol that provides centralized Authentication, Authorization, and Accounting management.
• CyberArk: Uses CyberArk's own authentication methods.
• LDAP (Lightweight Directory Access Protocol): Protocol for accessing and maintaining distributed directory information services.
• SAML (Security Assertion Markup Language): An open standard that allows identity providers to pass authorization credentials to service providers.
• OpenID Connect (OIDC): An authentication layer on top of OAuth 2.0, an authorization framework.

Reference for this can be found in the CyberArk Privilege Cloud documentation, which details the integration and setup of MFA using these methods.

To correctly change the default PSM recordings folder path on the Privilege Cloud Connector, the sequence of steps should be:

• Create a corresponding folder in the new location.Before making changes to configuration files, ensure the new directory for PSM recordings is created. This is where all session recordings will be stored moving forward.
• In the Basic_psm.ini file, set RecordingsDirectory with the new path.Update the Basic_psm.ini file to reflect the new path for the recordings. This step is crucial as it directs the PSM to start using the newly created directory for all future session recordings.
• Restart the PSM service.After updating the path in the configuration file, restart the PSM service to apply the changes. This ensures that all new sessions are recorded in the new specified location.
• Run the PSMHardening script.Once the service is restarted and the new settings are in place, run the PSMHardening script. This script ensures that all security measures are re-applied to the new recordings directory, maintaining the security integrity of the session recordings.

Following these steps in the given order will successfully change the recording directory for PSM sessions on the Privilege Cloud Connector, ensuring a smooth transition to the new storage location with all necessary security measures intact.