CyberArk PAM-CDE Recertification — Question 33

After installing the Vault, you need to allow Firewall Access for Windows Time service to sync with NTP servers 10.1.1.1 and 10.2.2.2.
What should you do?

Answer options

• A. Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes,123:outbound/udp.
• B. Edit DBParm.ini to add: NTPServer=[10.1.1.1:123/UDP,10.2.2.2:123/UDP].
• C. Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes:123,outbound/udp,123:inbound/udp.
• D. Edit the Windows Firewall configuration to add a rule for Port 123/udp outbound to 10.1.1.1 and 10.2.2.2.

Correct answer: A

Explanation

The correct answer is A because it specifically allows the specified NTP servers through the firewall by modifying the DBParm.ini file with the appropriate syntax. Options B and C do not correctly configure the firewall access needed for outbound traffic to the NTP servers, and option D, while a potential solution, does not utilize the DBParm.ini configuration which is the requirement of the question.