CyberArk Defender – PAM — Question 41

Your organization has a requirement to allow only one user to "check out passwords" and connect through the PSM securely.
What needs to be configured in the Master policy to ensure this will happen?

Answer options

• A. Enforce check-in/check-out exclusive access = active; Require privileged session monitoring and isolation = active
• B. Enforce check-in/check-out exclusive access = inactive; Require privileged session monitoring and isolation = inactive
• C. Enforce check-in/check-out exclusive access = inactive; Record and save session activity = active
• D. Enforce check-in/check-out exclusive access = active; Record and save session activity = inactive

Correct answer: A

Explanation

The correct answer is A because it activates exclusive access for check-in/check-out, ensuring only one user can access the passwords at a time. Options B and C do not enforce exclusive access, allowing multiple users to check out passwords, while option D does not monitor the session activity, which is essential for secure connections.