New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CyberArk EPM-DEF Exam - Topic 3 Question 37 Discussion

Actual exam question for CyberArk's EPM-DEF exam
Question #: 37
Topic #: 3
[All EPM-DEF Questions]

An application has been identified by the LSASS Credentials Harvesting Module.

What is the recommended approach to excluding the application?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Leonida at Sep 19, 2024, 08:39 AM

Limited Time Offer

25%

Off

Get Premium EPM-DEF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Annalee
3 months ago
D seems a bit overkill for just excluding an app.
upvoted 0 times
...
Larae
3 months ago
Wait, can you really exclude it like that? Sounds risky.
upvoted 0 times
...
Malcom
3 months ago
Definitely C, that's how you handle LSASS!
upvoted 0 times
...
Edna
4 months ago
I think B makes more sense for exclusions.
upvoted 0 times
...
Layla
4 months ago
Option A is the way to go!
upvoted 0 times
...
Felix
4 months ago
I recall something about advanced policies being useful in these scenarios, so maybe D is the correct choice after all.
upvoted 0 times
...
Marjory
4 months ago
I’m a bit confused about the difference between A and B. They both seem like they could work for excluding applications.
upvoted 0 times
...
Lelia
4 months ago
I remember practicing a question similar to this, and I feel like excluding the application directly in the LSASS module could be the way to go. Maybe it's C?
upvoted 0 times
...
Whitney
5 months ago
I think the right answer might be A, but I'm not entirely sure if that's the best way to handle exclusions.
upvoted 0 times
...
Estrella
5 months ago
I'm a little confused by this question. Is there a specific reason why we would want to exclude the application? I feel like I'm missing some context here. I'll need to re-read the question and the options carefully.
upvoted 0 times
...
Tammy
5 months ago
Okay, I've got it! The answer is to add the application to an Advanced Policy or Application Group with an Elevate policy action. That way, it will be properly excluded without any issues.
upvoted 0 times
...
Jolanda
5 months ago
Hmm, I'm a bit unsure about this one. I'm not sure if adding it to the Files to be Ignored Always is the right approach, or if I should try to exclude it within the LSASS Credentials Harvesting module itself. I'll have to think this through carefully.
upvoted 0 times
...
Van
5 months ago
I think the recommended approach is to add the application to the Threat Protection Exclusions in Agent Configurations. That seems like the most straightforward way to exclude it.
upvoted 0 times
...
Aliza
5 months ago
I'm a bit confused on the difference between PESSIMISTIC_READ and READ. Are they really the same thing? I'll need to double-check the documentation on that.
upvoted 0 times
...
Annamae
9 months ago
I'm just gonna solve this problem by turning the computer off and on again. It's the IT version of duct tape and bubble gum!
upvoted 0 times
Chau
8 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action.
upvoted 0 times
...
Reynalda
8 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Ellsworth
8 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Paul
8 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Bonita
9 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action? Now we're talking! That's like putting a superhero cape on the app.
upvoted 0 times
Juan
8 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Bobbye
8 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Cristen
8 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions
upvoted 0 times
...
...
Iluminada
10 months ago
C) Exclude the application within the LSASS Credentials Harvesting module? Hmm, sounds like a lot of work. I'd rather just unplug the computer and call it a day.
upvoted 0 times
Dick
9 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Scot
9 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Ma
9 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Jerrod
10 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations? Nah, that's not gonna work. Might as well just throw the whole computer out the window!
upvoted 0 times
Rory
9 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action.
upvoted 0 times
...
Jaclyn
9 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations? Nah, that's not gonna work.
upvoted 0 times
...
Galen
9 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Rolland
10 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Antonette
11 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions? That's the way to go! Easy peasy lemon squeezy.
upvoted 0 times
Virgie
9 months ago
Great, it's a simple solution to prevent the application from being affected.
upvoted 0 times
...
Ciara
9 months ago
Yes, that's the recommended approach. It will exclude the application from being targeted.
upvoted 0 times
...
...
Dorian
11 months ago
But wouldn't adding the application to an Advanced Policy or Application Group with an Elevate policy action be a better option?
upvoted 0 times
...
Hoa
11 months ago
I disagree, I believe we should add the application to the Threat Protection Exclusions in Agent Configurations.
upvoted 0 times
...
Dorian
11 months ago
I think the recommended approach is to exclude the application in the LSASS Credentials Harvesting module.
upvoted 0 times
...

Save Cancel