CyberArk Sentry – Privileged Access Management — Question 59

Which Master Policy Setting(s) must be active in order to have an account checked-out by one user for a pre-determined amount of time?

Answer options

• A. Require Dual Control password access approval
• B. Enforce check-in/check-out exclusive access
• C. Enforce one-time password access
• D. Enforce check-in/check-out exclusive access & enforce one-time password access

Correct answer: D

Explanation

The correct answer is D because both 'Enforce check-in/check-out exclusive access' and 'enforce one-time password access' are necessary to secure the account during the check-out period. Option A does not relate to the check-out process, and option B alone does not include the one-time password requirement, which is essential for added security.