CyberArk PAM-CDE Recertification — Question 49

Your organization has a requirement to allow users to "check out passwords" and connect to targets with the same account through the PSM.
What needs to be configured in the Master policy to ensure this will happen?

Answer options

• A. Enforce check-in/check-out exclusive access = active; Require privileged session monitoring and isolation = active
• B. Enforce check-in/check-out exclusive access = inactive; Require privileged session monitoring and isolation = inactive
• C. Enforce check-in/check-out exclusive access = inactive; Record and save session activity = active
• D. Enforce check-in/check-out exclusive access = active; Record and save session activity = inactive

Correct answer: A

Explanation

The correct answer is A, as it requires both check-in/check-out exclusive access and privileged session monitoring to be active, which is necessary for users to securely check out passwords and connect to targets. The other options either do not activate the exclusive access or do not enforce the required monitoring and isolation, which would not meet the organization's needs.