CyberArk Trustee – Privileged Access Management — Question 69

In accordance with best practice, SSH access is denied for root accounts on UNIXLINUX system.
What is the BEST way to allow CPM to manage root accounts?

Answer options

• A. Create a privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account of the target server's root account.
• B. Create a non-privileged account on the target server. Allow this account the ability to SSH directly from the CPM machine. Configure this account as the Logon account of the target server's root account.
• C. Configure the Unix system to allow SSH logins.
• D. Configure the CPM to allow SSH logins.

Correct answer: B

Explanation

Option B is correct because it adheres to best practices by using a non-privileged account to manage root access, minimizing security risks. Option A is incorrect as it suggests creating a privileged account, which contradicts the principle of least privilege. Options C and D do not specifically address the requirement of CPM managing root accounts effectively.