CyberArk Defender – Access — Question 6

ACME Corporation employees access critical business web applications through CyberArk Identity. You notice a constant high volume of unauthorized traffic from 103.1.200.0/24 trying to gain access to the CyberArk Identity portal. Access to the CyberArk Identity portal is time sensitive. ACME decides to enforce IP restrictions to reduce vulnerability.
Which configuration can help achieve this?

Answer options

• A. Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the ACME Corporation IP range.
• B. Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the blocked IP range.
• C. Implement device trust through the Windows Cloud Agent.
• D. Implement zero trust through the App Gateway.

Correct answer: B

Explanation

The correct answer is B because blocking the IP range of 103.1.200.0/24 will prevent unauthorized traffic from accessing the CyberArk Identity portal, thereby enhancing security. Option A would mistakenly allow traffic from that range instead of blocking it. Option C and D do not address the immediate issue of unauthorized IP access directly related to the specified IP range.