Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CyberArk EPM-DEF Exam - Topic 3 Question 37 Discussion

Actual exam question for CyberArk's EPM-DEF exam
Question #: 37
Topic #: 3
[All EPM-DEF Questions]

An application has been identified by the LSASS Credentials Harvesting Module.

What is the recommended approach to excluding the application?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Leonida at Sep 19, 2024, 08:39 AM

Limited Time Offer

25%

Off

Get Premium EPM-DEF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Annalee
5 months ago
D seems a bit overkill for just excluding an app.
upvoted 0 times
...
Larae
5 months ago
Wait, can you really exclude it like that? Sounds risky.
upvoted 0 times
...
Malcom
5 months ago
Definitely C, that's how you handle LSASS!
upvoted 0 times
...
Edna
5 months ago
I think B makes more sense for exclusions.
upvoted 0 times
...
Layla
6 months ago
Option A is the way to go!
upvoted 0 times
...
Felix
6 months ago
I recall something about advanced policies being useful in these scenarios, so maybe D is the correct choice after all.
upvoted 0 times
...
Marjory
6 months ago
I’m a bit confused about the difference between A and B. They both seem like they could work for excluding applications.
upvoted 0 times
...
Lelia
6 months ago
I remember practicing a question similar to this, and I feel like excluding the application directly in the LSASS module could be the way to go. Maybe it's C?
upvoted 0 times
...
Whitney
6 months ago
I think the right answer might be A, but I'm not entirely sure if that's the best way to handle exclusions.
upvoted 0 times
...
Estrella
6 months ago
I'm a little confused by this question. Is there a specific reason why we would want to exclude the application? I feel like I'm missing some context here. I'll need to re-read the question and the options carefully.
upvoted 0 times
...
Tammy
6 months ago
Okay, I've got it! The answer is to add the application to an Advanced Policy or Application Group with an Elevate policy action. That way, it will be properly excluded without any issues.
upvoted 0 times
...
Jolanda
6 months ago
Hmm, I'm a bit unsure about this one. I'm not sure if adding it to the Files to be Ignored Always is the right approach, or if I should try to exclude it within the LSASS Credentials Harvesting module itself. I'll have to think this through carefully.
upvoted 0 times
...
Van
7 months ago
I think the recommended approach is to add the application to the Threat Protection Exclusions in Agent Configurations. That seems like the most straightforward way to exclude it.
upvoted 0 times
...
Aliza
7 months ago
I'm a bit confused on the difference between PESSIMISTIC_READ and READ. Are they really the same thing? I'll need to double-check the documentation on that.
upvoted 0 times
...
Annamae
11 months ago
I'm just gonna solve this problem by turning the computer off and on again. It's the IT version of duct tape and bubble gum!
upvoted 0 times
Chau
10 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action.
upvoted 0 times
...
Reynalda
10 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Ellsworth
10 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Paul
10 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Bonita
11 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action? Now we're talking! That's like putting a superhero cape on the app.
upvoted 0 times
Juan
10 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Bobbye
10 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Cristen
10 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions
upvoted 0 times
...
...
Iluminada
12 months ago
C) Exclude the application within the LSASS Credentials Harvesting module? Hmm, sounds like a lot of work. I'd rather just unplug the computer and call it a day.
upvoted 0 times
Dick
10 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Scot
11 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations.
upvoted 0 times
...
Ma
11 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Jerrod
1 year ago
B) Add the application to the Files to be Ignored Always in Agent Configurations? Nah, that's not gonna work. Might as well just throw the whole computer out the window!
upvoted 0 times
Rory
11 months ago
D) Add the application to an Advanced Policy or Application Group with an Elevate policy action.
upvoted 0 times
...
Jaclyn
11 months ago
B) Add the application to the Files to be Ignored Always in Agent Configurations? Nah, that's not gonna work.
upvoted 0 times
...
Galen
11 months ago
C) Exclude the application within the LSASS Credentials Harvesting module.
upvoted 0 times
...
Rolland
12 months ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions.
upvoted 0 times
...
...
Antonette
1 year ago
A) In Agent Configurations, add the application to the Threat Protection Exclusions? That's the way to go! Easy peasy lemon squeezy.
upvoted 0 times
Virgie
11 months ago
Great, it's a simple solution to prevent the application from being affected.
upvoted 0 times
...
Ciara
11 months ago
Yes, that's the recommended approach. It will exclude the application from being targeted.
upvoted 0 times
...
...
Dorian
1 year ago
But wouldn't adding the application to an Advanced Policy or Application Group with an Elevate policy action be a better option?
upvoted 0 times
...
Hoa
1 year ago
I disagree, I believe we should add the application to the Threat Protection Exclusions in Agent Configurations.
upvoted 0 times
...
Dorian
1 year ago
I think the recommended approach is to exclude the application in the LSASS Credentials Harvesting module.
upvoted 0 times
...

Save Cancel