CyberArk Sentry – PAM — Question 49

After installing the Vault, you need to allow Firewall Access for Windows Time service to sync with NTP servers 10.1.1.1 and 10.2.2.2.
What should you do?

Answer options

• A. Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes,123:outbound/udp.
• B. Edit DBParm.ini to add: NTPServer=[10.1.1.1:123/UDP,10.2.2.2:123/UDP].
• C. Edit DBParm.ini to add: AllowNonStandardFWAddresses=[10.1.1.1,10.2.2.2],Yes,123:outbound/udp,123:inbound/udp.
• D. Edit the Windows Firewall configuration to add a rule for Port 123/udp outbound to 10.1.1.1 and 10.2.2.2.

Correct answer: A

Explanation

The correct answer is A because it specifically allows the Windows Time service to access the NTP servers through the firewall by adding the necessary configuration to DBParm.ini. Options B and C do not provide the correct syntax for firewall rules, and option D, while it might seem plausible, does not involve modifying DBParm.ini as required in the question.