DRAG DROP (Drag and Drop is not supported)
Arrange the steps to complete CPM Hardening for Out-of-Domain Deployment in the correct sequence.

Answer(s): A

To enable LDAP over SSL for a Vault when DNS lookups are blocked, which step must be completed?

Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server.
Configure an AllowNonStandardFWAddresses rule in DBParm.ini on the Vault to allow outbound TCP 53 to the organization’s DNS servers.
Ensure LDAP hosts added to the directory mapping configuration are defined using only IP addresses.
Set the ReferralsDNSLookup parameter value to “No” in the directory configuration.

Answer(s): A

In which file must the attribute ‘SignAuthnRequest=”true”’ be added to the PartnerIdentityProvider element to support signed SAML requests?

Answer(s): A

A customer is moving from an on-premises to a public cloud deployment.
What is the best and most cost-effective option to secure the server key?

Install the Vault in the cloud the same way you would in an on-premises environment. Place the server key in a password protected folder on the operating system.
Install the Vault in the cloud the same way you would in an on-premises environment. Purchase a Hardware Security Module to secure the server key.
Install the Vault using the native cloud images and secure the server key using native cloud Key Management Systems.
Install the Vault using the native cloud images and secure the server key with a Hardware Security Module.

Answer(s): C

Free PAM-SEN Exam Braindumps (page: 6)