CyberArk PAM-CDE Recertification — Question 22
You are creating a Dual Control workflow for a team's safe.
Which safe permissions must you grant to the Approvers group?
Answer options
- A. List accounts, Authorize account request
- B. Retrieve accounts, Access Safe without confirmation
- C. Retrieve accounts, Authorize account request
- D. List accounts, Unlock accounts
Correct answer: A
Explanation
The correct answer is A because the Approvers group needs to be able to view the accounts and authorize requests for them, which is essential for the Dual Control workflow. Options B, C, and D do not provide the necessary permissions for the Approvers group to effectively manage account requests within the safe.