Access Rights Manager (ARM)

Question 1

How can you restrict access to a directory that contains information about an upcoming company merge?

a) Disable inheritances
b) Assign one resource owner
c) Configure SAP properties
d) Disable the automatic list rights management

Answer 1

a) Disable Inheritances

Question 2

What file types are supported for configuring scripts?

Answer 2

.ps (PowerShell)*
.vbs (VisualBasic)
.bat
.cmd
.js (nodejs.exe)
.exe

• PowerShell files are .ps1, but the admin guide says .ps as of the authoring of this deck.

Question 3

A user has been losing access rights for several months, but does not know which rights are lost. The user has been running ARM for one year. How can you troubleshoot this issue? Select all that apply.

a) You compare the Where has a user/group access report against a current scan and a 6 months old scan
b) Run a scan comparison report for the user and another user who has no issues and compare them to search for issues
c) Review the logbook and search for issues
d) Run AD Logga report with the member removed event type, and set the report start date to the previous year and filter the report for the user

Answer 3

A, C, D

a) You compare the Where has a user/group access report against a current scan and a 6 months old scan
c) Review the logbook and search for issues
d) Run AD Logga report with the member removed event type, and set the report start date to the previous year and filter the report for the user

Question 4

You configured ARM to send file server reports to Data Owners every quarter. What are possible reasons why you did not receive a report this quarter? Select all that apply.

a) The administrator deleted the Exchange Online mailbox
b) The SMTP server sending options changed
c) The 25 without SSL port was opened on the SMTP server
d) The SMTP server was offline when ARM attempted to run the report

Answer 4

B, D

b) The SMTP server sending options changed
d) The SMTP server was offline when ARM attempted to run the report

Question 5

After installation, the Basic Configuration page launches automatically and asks you to do which two steps before anything else can be configured?

a) Define the credentials for the ARM Server to run Active Directory requests
b) Install missing components listed in the install Report
c) Activate your license
d) Define the SQL Server database

Answer 5

A, D

a) Define the credentials for the ARM Server to run Active Directory requests
d) Define the SQL Server database

Question 6

Where can you run web components/WebAPI? Select all that apply.

a) ARM server with IIS installed
b) Apache server
c) Standalone Microsoft IIS server
d) GWS server

Answer 6

A, C

a) ARM server with IIS installed
c) Standalone Microsoft IIS server

Question 7

What is required when you configure FS Logga for a Windows failover cluster? Select all that apply.

a) Install and run the collector service on all nodes
b) Restart the file server after you install FS Logga
c) Install .net in all cases manually
d) Install the FS Logga filter driver on all nodes

Answer 7

A, D

a) Install and run the collector service on all nodes
d) Install the FS Logga filter driver on all nodes

Question 8

What helps automate the process of disabling a user in ARM? Select all that apply.

a) Scripts
b) Reports
c) GrantMa
d) Templates

Answer 8

A, C

a) Scripts
c) GrantMa

Question 9

How can you improve filer server scan performance?

a) Configure $-Shares to see all shares
b) Increase scan depth and remove all shares
c) Configure Storage of Scans to store unnecessary data
d) Use the correct file server type

Answer 9

D

d) Use the correct file server type.

Question 10

What can you do to balance the load on your ARM server?

a) Install additional collector
b) Use NTFS
c) Defrag hard disks
d) Use a dedicated drive for Pagefile

Answer 10

A

a) Install additional collector

Question 11

What SQL rights do you need to install an ARM instance’s database?

Answer 11

If an ARM DB already exists, you need dbowner. Otherwise, you need dbcreator.

Question 12

What kinds of mailbox permissions can be managed in ARM?

Answer 12

Full Access, Send As, and Receive As

Question 13

What are the requirements for a service account for FS Logga?

Answer 13

FS Logga does not require a service account

Question 14

What are the requirements for a service account for AD Logga?

Answer 14

Event Log Reader

Question 15

What are the requirements for a service account for Exchange Logga?

Answer 15

Organization Management and Records Management

Question 16

What is the default port used between the ARM server and GUI?

Answer 16

55555

Question 17

What are some reasons to install an Additional Collector?

Answer 17

Connecting remote resources to reduce WAN footprint

FS Logga for Windows FS requires a collector

Load Balancing

To incorporate foreign domains (non-trusted)

Question 18

Describe how to find broken/corrupted inheritance in ARM.

Answer 18

Under resources, choose the appropriate file server, click on “Report” and choose “report on all paths (or sub-directories) with different access rights.” Save the report as a spreadsheet, and filter on “inheritance corrupted = yes”

Question 19

What causes a “maximum number of ARM queue messages exceeded error? How do you fix it?

Answer 19

It is caused by the FS/AD Logga not being reachable or being uninstalled or renamed. It will fix itself if the connector is just unreachable, but if it has been uninstalled or renamed, it must be manually removed by logging into RabbitMQ and deleting the Queue.

Question 20

How do you find and fix directories (not users) with corrupted inheritance?

Answer 20

Analysis > Directories > Directories with Corrupted Inheritance; select the ones you want to fix and choose “Enforce Inheritance”

Question 21

Who can allocate Manager in AD Attributes?

Answer 21

ARM Administrator

Question 22

Describe how to create a protected directory on a file server

Answer 22

Create directory, remove all inherited rights, add new access rights for selected users

Question 23

What causes an unresolved SID? How do you find them? Remove them?

Answer 23

Users or groups with direct access rights on file servers are deleted in AD. They can be found by running a “Where has User/Group Access” report and modifying the access rights of the resources that show in that report.

Question 24

What are 4 thresholds that would cause a server health check to show as warning/yellow or critical/red?

Answer 24

• Database size
• Database free disk space
• Free disk space on archive disk
• Message count in queuing services

Question 25

Where are logs stored in ARM?

Answer 25

%ProgramData%\protected-networks.com\8MAN\log

Question 26

What log file would you use to see issues with Logga?

Answer 26

pnTracer

Question 27

Where are scripts stored in ARM?

Answer 27

%ProgramData%\protected-networks.com\8MAN\scripts\analyze

Question 28

How do you prevent an ARM database from filling up (or fix it when it has filled up)?

Answer 28

Shrink DB, Reduce scan frequency, disable FS Logga Alerts

Question 29

What file formats are supported by Easy Connect?

Answer 29

.csv and .sql

Question 30

True or false: It is possible to import/export Data Owner configurations in ARM

Answer 30

True

Question 31

What is a way to identify over-privileged users in ARM?

Answer 31

Kerberos Token size

Question 32

What port is used for LDAP?

Answer 32

TCP/389

Question 33

What port is used for NetBIOS?

Answer 33

TCP/139

Question 34

What port is used for MS Directory Services?

Answer 34

TCP/445

Question 35

What port is used for WMI/DCOM/RPC?

Answer 35

TCP/135 (dynamic)

Question 36

What port is used for SQL?

Answer 36

TCP/1433

Question 37

What port is used for Kerberos?

Answer 37

88

Question 38

What port is used between ARM components?

Answer 38

55555; dynamic

Question 39

What port is used for RabbitMQ?

Answer 39

5671

Question 40

If you have 4000 users, can you still use an ARM1000 license? If so, how?

Answer 40

Yes; ARM licenses are assigned - you can have only 1000 licensed users but still 3000 unlicensed users.

Question 41

Is it best practice to use a hostname or FQDN for Exchange Scans?

Answer 41

Hostname

Question 42

What are Purpose Groups used for?

Answer 42

They are used as aliases / friendly names within ARM only.

Question 43

What is the cause of permissions not propagating down?

Answer 43

Broken ACLs

Question 44

Info on which Logga(s) can be found in the Logbook?

Answer 44

AD and Exchange Only (not FS Logga, etc.)