1. What is CyberArk?
CyberArk is an information security organization that offers Privileged Access Security. CyberArk’s PAS module is widely used in the financial services, energy, retail, healthcare, and government markets.
2. Why do we use CyberArk?
CyberArk PAS solution is designed to discover, secure, rotate and control access to the most sensitive credentials within the organization that is used to access multiple systems with elevated permission within an organization’s architecture.
3. What do you understand by privileged account security?
Privileged access security is a domain that deals with to most sensitive credentials within the organization and aims to secure them by enabling audit controls and imposing restrictions.
4. Name one of the log files in CPM, PVWA
CPM – PM_logs, PM_error. (Refer to the CPM theory sheet and Troubleshooting Session Recording)
PSM – PSMConsole.log (Contains PSM session information and errors)
PSMTrace.log (Contains PSM internal events)
PVWA – WebApplication.log (Contains PVWA Application logs)
WebConsole.log (Contains PVWA internal events)
5. Explain the DR process
Failover Process: Primary Vault Stops, DR vault tries to reach out to the primary Vault for 5 consecutive attempts. If it’s not able to connect even after 5 attempts, it’s going to start the failover process, terminate the disaster recovery service, and start acting as the primary Vault
Failback Process: Process of Restoring the infrastructure when the primary vault is fixed.
6. Explain the use case around CPM
Requirement of Password Management and Accounts Discovery
7. Explain CP and CCP
CyberArk has a Module to manage non-interactive accounts that are being used in applications or scripts. Plain-Text credentials can be replaced by API or SDK strings that can fetch the passwords directly from CyberArk Vault instead of hardcoding the credentials within the script.
The AAM solution has two components:
Credential Provider (CP): CP agents can be installed on the server where the application is running. It can use SDKs strings to fetch the passwords from cyber ark Vault in real-time and replace that with hardcoded credentials
Central Credential Provider (CCP): CCP agent will be installed Centrally in a web server (PVWA can be used) and can replace hardcoded credentials with a rest API string that can automatically login to the PVWA and fetch the passwords.
8. How do you onboard accounts in CyberArk
We can use manual onboardings, accounts discovery features, and password upload utility
9. When upgrading, did you just get a new license or continue with the upgrade?
Existing licenses will work as long as they are valid.
10. Migrating privilege credentials from a different company?
The phased Wise Approach needs to be followed:
-Identify the credentials that need to be migrated
-Build a POC, testing environment, and onboard test credentials
-Communicate to the application team and do end-to-end UAT testing
-After UAT signoff, move the credentials to production
11. What are the Components of CyberArk?
Following CyberArk Components includes:
- Privileged Identity Management (PIM)
- Enterprise Password Vault (EPV)
- CPM- Central Policy Manager
- PVWA- Password Vault Web Access
- PSM- Privileged Session Manager
- OPM- On-Demand Privileges Manager
- AIM- Application Identity Management
- CVS- Cyber Vault Synchronizer
- PTA- Privileged Threat Analytics
12. Explain CyberArk password reconciliation.
Reconciliation is a Process where CPM uses a powerful credential of the target system to auto-synchronize the password for the accounts onboarded in CyberArk.
13. Mention the User Directories which is supported by CyberArk?
- Oracle Internet Directory
- Novell eDirectory
- Active Directory
- IBM Tivoli DS
These are some basic Cyberark interview questions by our expert to get Cyberark Certification from cyberark training in Bangalore.