CyberArk PAM-DEF Exam - Topic 4 Question 74 Discussion

Actual exam question for CyberArk's PAM-DEF exam

Question #: 74
Topic #: 4

Which Master Policy Setting must be active in order to have an account checked-out by one user for a pre-determined amount of time?

ARequire dual control password access Approval

BEnforce check-in/check-out exclusive access

CEnforce one-time password access

DEnforce check-in/check-out exclusive access & enforce one-time password access

Show Suggested Answer

Suggested Answer: B

According to the CyberArk Defender PAM documentation, the Master Policy setting that must be active in order to have an account checked-out by one user for a pre-determined amount of time is Enforce check-in/check-out exclusive access. This setting enables organizations to permit users to check out a 'one-time' password and lock it so that no other users can retrieve it at the same time. After the user has used the password, the user checks the password back into the Vault. This ensures exclusive usage of the privileged account, enabling full control and tracking for the password. The duration of the check-out period can be configured in the platform settings for each account.Reference:

Account check-out and check-in - CyberArk

Master Policy - CyberArk

by Tiara at May 17, 2026, 02:33 PM

Limited Time Offer

25%

Off

Get Premium PAM-DEF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!