Q1- What is CyberArk?
Ans:- CyberArk is a PIM (Privilege Identity
Management)/PAM(Privilege Access Management) security tool. It has PAS
(Privilege Account security) solution, a full life cycle solution for managing
the most privilege accounts and SSH Keys in the enterprise. Founded in 1999
& founder, Chairman and CEO- Udi Mokady and Alon Cohen.
Q2- Why CyberArk is required?
Ans:- Every Organization have 2 or 3 times more
Privilege accounts then the employees and users and every privilege account
required security from cyber-attacks (Internal or External). So in order to
secure our privilege ids/accounts we used CyberArk because CyberArk provide
password security.
Cyber Ark is on the TOP of PIM/PAM service provider
as per Gartner reports.
Q3- What are the components of CyberArk.
Ans:- The
CyberArk components that released with PAS (Privileged Account Security)
solution are listed below with their abbreviation:-
1 Privileged Identity Management PIM
2 Enterprise Password Vault EPV
3 Central Policy Manager CPM
4 Password Vault Web Access PVWA
5 Privileged Session Manager PSM
6 On-Demand Privileges Manager OPM
7 Application Identity Management AIM
Q4- What is Vault?
Ans:- The
vault is the most secure place in the network where sensitive data (password,
session recording etc.) stored. It is design to discover secure, rotate and
control access to privilege account passwords.
In other words- It define privilege
account policy, discover privilege accounts, authorized user access,
automatically rotate and synchronize passwords, alert and provide auditor
access. It install in dedicated server or isolated environment.
Q5- What is CPM (Central Policy Manager)?
Ans:-
Central Policy Manager provides a revolutionary breakthrough in password
management, which automatically enforces the enterprise policy. It can change
the password automatically on remote machines and store the new passwords in
the Enterprise Password Vault (EPV) without any human intervention, according
to the master/organizational policy.
The CPM generate new random
passwords and replaces existing passwords on remote machines.
Q6- What is PVWA (Password Vault Web Access)?
Ans:- the
Password Vault Web Access is a fully featured web interface that provides a
single console for requesting, accessing and managing privileged password
throughout the enterprise by both end users and administrators.
In other words- PVWA enables both
end users and administrators to access and managed privilege accounts from any
local or remote location through a web client.
Q7- What is Vault configuration file name?
Ans:-
vault.ini and dbparm.ini
Vault.ini file has the all vault
configuration details and dbparm.ini has the database details.
Q8- What are the vault log files?
Ans:-
italog.log and trace.log
Q9- Which services active on vault?
Ans:- These
are some below service that are active on vault all time except DR drill (some
service change during DR Drill).
1. PrivateArk database
2. PrivateArk server
3. Notification Engine
4. Logic container
5. PrivateArk firewall
6. PrivateArk remote control agent.
Q10- What is default user of CPM (Central Policy
Manager)?
Ans:-
passwordmanager
Q11- What is default port for CyberArk?
Ans:- 1858,
we can change this as per requirement.
Q12- How many CPM we can install in an environment?
Ans:- CPM
is installed at multiple location but only enabled at one. It run in active and
inactive mode. Inactive CPM can share the license with their active
counterparts. Activating and Deactivating CPM is manual process.
Q13- What are the CPM log files?
Ans:-
pm.log, pm_error.log, thirdparty.log
Q14- What is PrivateArk client?
Ans:- The
PrivateArk client is a regular windows application that is used as the
administrative client for the Privileged Account Security solution. It can be
installed on any number of remote computers and can access the vault by a
network connectivity. it is used for vault monitoring.
Q15- What is PSM (Privilege Session Manager)?
Ans:- PSM in three words- Isolate, Control and Monitor.
Isolate- Prevent cyber-attacks by isolating
desktops from sensitive target machines.
Control- Create accountability and controlled over
privileged session access with policies, workflows and privileged single sign
on.
Monitor- Deliver continuous monitoring and
compliance with session recording with zero footprint on target machines.
In other words- Privileged Session
Manager enables organizations to secure, control and monitor privileged access
to network devices. It provide a secured connection or session on servers
without sharing the password or login credentials to end users. PSM also record
the entire session in text and video format and saved it to in Vault.
Q16- What is PSMP (Privileged Session Manager SSH
Proxy)?
Ans:-
Privileged Session Manager SSH Proxy preserves the benefits of PSM such as
isolation, control and monitoring, whilst enabling users to connect
transparently to target UNIX systems from their own workstation without
interrupting their native workflow.
Q17- What is OPM (On-Demand Privileges Manager)?
Ans:-
On-Demand Privileges Manager provides a comprehensive solution that empowers IT
and enables complete visibility and controls of super users and privileges
accounts across the enterprise. Using the OPM, the complete Privileged Account
Security solution enables centralized management and auditing from a unified
product to all aspects to privileged account management.
Q18- What is AIM (Application Identity Management)?
Ans:-
Application Identity Management eliminate the hard-coded privileged account
from the applications and provide the security and manage strong authentication
by - Machine address, OS users, Application path, signature/hash. It secure and
reset or restart the application with no downtime and also securing local cache
for business continuity & high performance.
It avoid code changes and overhead
upon application password or machine address change.
Q19- What is the default port for PSM?
Ans:- 443
Q20- What is the default port for PVWA?
Ans:- 440
It is very useful.
ReplyDeleteThank You:)
Delete