chapter 1 Flashcards
what is the digital vault?
a secure server used to store privileged account information, based on a hardened windows server platform
what is the password vault web access PVWA
the web interface for users to gain access to privileged account information, used by vault admins to configure policies
What does the central policy manager CPM do?
performs the password change on devices, scan the network for privileged accounts
what does the privileged session manager PSM do?
isolates and monitor privileged account activity, records privileged account sessions
what does privilege threat analytics do?
monitors and detects malicious privileged account behavior
what is the private ark client and what is it used for?
- legacy interface to the vault
- mostly used by administrators for certain tasks that are not implements in private ark web access
- can be installed on any station with access to the vault
what is the pam web services?
What is the main purpose?
- RESTful API that enables users to create, list, modify, and deletes entities in pam using program and scripts
- main purpose is to automate tasks that are usually performed manually using the UI and to incorporate them in system and account provisioning scripts
where is the vault central administration station and what can it do?
- only available on vault server
- used to start and stop the private ark server windows service
- displays the vault server log
- used to change the vault debug levels dynamically
where do you run the remote control client?
What does it do?
What port does it operate on?
Why is this useful?
- runs from a command line interface
- executes tasks on vault server via remote control agent
- client and agent communicate via cyberark remote control protocol on port 9022
- this reduces the need to open an rdp port for the vault
