New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CyberArk PAM-SEN Exam - Topic 1 Question 62 Discussion

Actual exam question for CyberArk's PAM-SEN exam
Question #: 62
Topic #: 1
[All PAM-SEN Questions]

To enable LDAP over SSL for a Vault when DNS lookups are blocked, which step must be completed?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Charlie at Jul 13, 2025, 07:06 PM

Limited Time Offer

25%

Off

Get Premium PAM-SEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Brianne
2 months ago
Nope, it's definitely A. Trust me on this!
upvoted 0 times
...
Dawne
2 months ago
Wait, is that really necessary?
upvoted 0 times
...
Dorthy
2 months ago
Gotta add FQDN & IP to the hosts file!
upvoted 0 times
...
Galen
3 months ago
Totally agree, that's the way to go.
upvoted 0 times
...
Dorathy
3 months ago
I think it's option C, just use IPs.
upvoted 0 times
...
Jaclyn
3 months ago
Setting the ReferralsDNSLookup parameter to 'No' seems like it could help, but I wonder if that's the main step we need to focus on for SSL.
upvoted 0 times
...
Miss
3 months ago
I practiced a similar question where we had to ensure LDAP hosts were defined correctly. I feel like using only IP addresses might be important here.
upvoted 0 times
...
Adell
4 months ago
I remember something about configuring DNS settings, but I can't recall if it's about allowing outbound TCP 53 or something else.
upvoted 0 times
...
Nina
4 months ago
I think we might need to add the FQDN and IP details to the local hosts file, but I'm not entirely sure if that's the only step required.
upvoted 0 times
...
Willow
4 months ago
This is a good question. I'll need to review my notes on LDAP configuration to make sure I'm approaching it the right way.
upvoted 0 times
...
Reita
4 months ago
I'm pretty confident I know the answer to this one. It's option A - adding the FQDN and IP details to the local hosts file. That's the way to go when DNS lookups are blocked.
upvoted 0 times
...
Maile
4 months ago
Okay, I think I've got this. The key is to add the FQDN and IP details for the LDAP hosts into the local hosts file on the Vault server. That should do the trick.
upvoted 0 times
...
Catina
4 months ago
Hmm, I'm a bit confused by the wording of the question. I'll need to re-read it a few times to make sure I understand what they're asking.
upvoted 0 times
...
Nicolette
5 months ago
This looks like a tricky one. I'll need to think through the steps carefully to make sure I get the right answer.
upvoted 0 times
...
Nikita
6 months ago
I'm feeling option A. Editing the hosts file is always a reliable way to bypass DNS issues. It's like going back to the stone age of networking!
upvoted 0 times
Yesenia
5 months ago
I think option B might be more practical in this situation. Allowing outbound TCP 53 could solve the issue.
upvoted 0 times
...
Reynalda
5 months ago
I agree, editing the hosts file is a classic workaround for DNS problems.
upvoted 0 times
...
...
Chau
7 months ago
D all the way! Turning off DNS lookups is the simplest solution. Who needs those pesky domain names anyway?
upvoted 0 times
Chauncey
5 months ago
B) Configure an AllowNonStandardFWAddresses rule in DBParm.ini on the Vault to allow outbound TCP 53 to the organization's DNS servers.
upvoted 0 times
...
Johanna
5 months ago
A) Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server.
upvoted 0 times
...
Holley
5 months ago
A) Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server.
upvoted 0 times
...
...
Carylon
7 months ago
I'm not sure, but I think B) Configure an AllowNonStandardFWAddresses rule in DBParm.ini on the Vault to allow outbound TCP 53 to the organization's DNS servers could also be a valid option.
upvoted 0 times
...
Jani
7 months ago
Haha, option B is a classic! Trying to open up the firewall for DNS traffic? That's like trying to solve a broken leg with a bandaid.
upvoted 0 times
...
Bernardine
7 months ago
For LDAP over SSL, I'd go with option C. Using IP addresses is the way to go when DNS lookups are blocked. No need to mess with the hosts file or firewall rules.
upvoted 0 times
Chandra
5 months ago
Yeah, no need to complicate things with the hosts file or firewall rules.
upvoted 0 times
...
Brinda
5 months ago
I think using IP addresses is the most reliable solution.
upvoted 0 times
...
Charlena
5 months ago
I agree, option C is the best choice in this situation.
upvoted 0 times
...
...
Hyun
7 months ago
I disagree, I believe the correct answer is D) Set the ReferralsDNSLookup parameter value to ''No'' in the directory configuration.
upvoted 0 times
...
Virgina
7 months ago
I think the answer is A) Add the FQDN & IP details for each LDAP host into the local hosts file of the Vault server.
upvoted 0 times
...

Save Cancel