CyberArk Defender – PAM — Question 24

Which processes reduce the risk of credential theft? (Choose two.)

Answer options

• A. require dual control password access approval
• B. require password change every X days
• C. enforce check-in/check-out exclusive access
• D. enforce one-time password access

Correct answer: B, D

Explanation

Option B is correct because requiring regular password changes limits the lifespan of compromised credentials. Option D is also correct as one-time passwords provide a higher level of security by ensuring that each access attempt requires a unique code, making it harder for attackers to reuse stolen credentials. Options A and C do not specifically address credential theft risks directly and are less effective in this context.