CyberArk Sentry – Privileged Cloud — Question 3

Which statement is correct regarding the LDAP integration with CyberArk Privilege Cloud Standard?

Answer options

• A. You must track the expiration date of the directory server certificate and contact CyberArk Support to renew it.
• B. LDAPS integration with Privilege Cloud requires StartTLS for secure and encrypted communication.
• C. For certificate trust to your directory server, only the issuing CA certificate is required.
• D. The top-level domain entry of the directory must be unique in the chosen Privilege Cloud region.

Correct answer: A

Explanation

The correct answer is A because it is essential to track the expiration date of the directory server certificate and involve CyberArk Support for renewal to maintain security. Option B is incorrect as LDAPS does not require StartTLS; it uses SSL/TLS directly. Option C is wrong because, in many cases, the entire certificate chain is necessary for trust. Option D is misleading as the uniqueness of the top-level domain is not a requirement in the specified context.