CyberArk Trustee – Privileged Access Management — Question 129
Which of the following are secure options for storing the contents of the Operator CD, while still allowing the contents to be accessible upon a planned Vault restart? (Choose three.)
Answer options
- A. Store the CD in a physical safe and mount the CD every time Vault maintenance is performed
- B. Copy the entire contents of the CD to the system Safe on the Vault
- C. Copy the entire contents of the CD to a folder on the Vault Server and secure it with NTFS permissions
- D. Store the server key in a Hardware Security Module (HSM) and copy the rest the keys from the CD to a folder on the Vault Server and secure it with NTFS permissions
Correct answer: A, C, D
Explanation
Option A is correct as storing the CD in a physical safe and mounting it during maintenance ensures security while allowing access. Option C is also valid since securing the copied contents with NTFS permissions adds a layer of protection. Option D is correct as well, as utilizing an HSM for the server key enhances security, but the other options like B do not provide adequate security measures.