CyberArk Sentry – Privileged Cloud — Question 70

You want to enforce Multi-Factor Authentication (MFA) for all Privilege Cloud Shared Services users and require them to set up an MFA factor.

How should you accomplish this?

Answer options

• A. Only allow SAML as the authentication method, enforce MFA on the SAML Identity Provider (IdP), and ensure users set up MFA accordingly on the IdP.
• B. Navigate to the Identity Administration Portal's policies section and configure the required authentication policies for CyberArk Identity.
• C. Navigate to the Identity Administration Portal's policies section and set the user security policy for Privilege Cloud to an authentication profile that only allows Multiple Authentication mechanisms.
• D. Navigate to the Identity Administration Portal's policies section and configure the authentication policies for CyberArk Identity, adding a new authentication rule that applies with an 'identity cookie' as a filter.

Correct answer: B

Explanation

The correct answer is B because it directly addresses the need to configure authentication policies specifically for CyberArk Identity, which is crucial for enforcing MFA. Option A is incorrect as it focuses solely on SAML and does not ensure that users configure MFA within CyberArk. Option C does not specifically mention MFA requirements, and option D introduces unnecessary complexity without addressing MFA directly.