CyberArk Trustee – Privileged Access Management — Question 11

For an account attached to a platform that requires Dual Control based on a Master Policy exception, how would you configure a group of users to access a password without approval?

Answer options

• A. Create an exception to the Master Policy to exclude the group from the workflow process.
• B. Edit the master policy rule and modify the advanced 'Access safe without approval' rule to include the group.
• C. On the safe in which the account is stored grant the group the 'Access safe without audit' authorization.
• D. On the safe in which the account is stored grant the group the 'Access safe without confirmation' authorization.

Correct answer: D

Explanation

The correct answer is D, as granting the 'Access safe without confirmation' authorization allows the specified group to access the password directly without needing additional approvals. Option A would completely exclude the group from the workflow, which is not the requirement. Option B modifies the policy but does not specifically grant the necessary access for this scenario. Option C allows access without audit but still requires confirmation, which does not meet the criteria set by the question.