Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CyberArk PAM-DEF Exam - Topic 4 Question 70 Discussion

Which certificate type do you need to configure the vault for LDAP over SSL?
A) the CA Certificate that signed the certificate used by the External Directory
B) a CA signed Certificate for the Vault server
C) a CA signed Certificate for the PVWA server
D) a self-signed Certificate for the Vault

CyberArk PAM-DEF Exam - Topic 4 Question 70 Discussion

Actual exam question for CyberArk's PAM-DEF exam
Question #: 70
Topic #: 4
[All PAM-DEF Questions]

Which certificate type do you need to configure the vault for LDAP over SSL?

Show Suggested Answer Hide Answer
Suggested Answer: A

To enable SSL-based encryption for LDAP integration, the Vault machine and the PVWA machine need to trust the certificate used by the External Directory. This can be achieved by importing the CA Certificate that signed the certificate used by the External Directory into the Windows certificate store on both the Vault and PVWA machines. This will facilitate an SSL connection between the Vault and the External Directory.Reference:Configure the Vault for LDAP,Configure LDAPS in CyberArk. What certificate I need to use?


by Franchesca at Mar 07, 2026, 09:51 AM

Limited Time Offer

25%

Off

Get Premium PAM-DEF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Glenn
25 days ago
Wait, isn't it C? That sounds familiar.
upvoted 0 times
...
Tiera
30 days ago
I think B is the right choice.
upvoted 0 times
...
Laticia
1 month ago
Definitely A, you need the CA Certificate.
upvoted 0 times
...
Gearldine
1 month ago
Just to clarify, A is definitely the correct answer!
upvoted 0 times
...
Marg
2 months ago
I thought self-signed certs were enough for this kind of setup.
upvoted 0 times
...
Malcom
2 months ago
Wait, isn't it B? I thought the Vault server needed its own cert.
upvoted 0 times
...
Casie
2 months ago
Totally agree, that's the right one!
upvoted 0 times
...
Eva
2 months ago
A) the CA Certificate that signed the certificate used by the External Directory.
upvoted 0 times
...
Elvis
2 months ago
I’m leaning towards D, but I’m not confident. I remember self-signed certificates being mentioned in a different context.
upvoted 0 times
...
Francine
2 months ago
This question feels familiar; I think we had a practice question about SSL configurations. I want to say it's A or B, but I can't recall the details.
upvoted 0 times
...
Sabine
3 months ago
I'm not entirely sure, but I remember something about needing a CA signed Certificate for the Vault server. Could that be B?
upvoted 0 times
...
Essie
3 months ago
I think it might be A, since it mentions the CA Certificate that signed the external directory's certificate. That sounds relevant for SSL.
upvoted 0 times
...

Save Cancel