Practice ACCESS-DEF Exam Online

Question 1

Which device enrollment settings are valid? (Choose two.)

A : Send notification on device enrollment

B : Enable invite based enrollment

C : Minimum number of devices a user can enroll

D : Reassign the device to another user

E : Permanently delete device

Answer: A,B

Question 2

Which CyberArk Identity supported web standard is commonly used for enterprise Single Sign-On and issues XML tokens for authentication?

A : SAML 2.0

B : OAuth

C : RADIUS

D : LDAP

Answer: A

Question 3

CyberArk Identity's App Gateway can be used to protect and access which option?

A : on-premises Oracle web app

B : cloud-hosted Salesforce environment

C : a corporate laptop

D : a web browser

Answer: A

Question 4

When a user enrolls a mobile device (iOS or Android) without enabling mobile device management, what happens? (Choose three.)

A : The device is added to the Endpoints page in the Admin and User portals.

B : The web applications assigned to the user are added to the Web Apps screen in the CyberArk Identity mobile app.

C : The associated mobile applications are added and available for deployment automatically.

D : The mobile device policies defined in the CyberArk Cloud Directory policy service policy set are installed.

E : The device-s model name, serial number, OS number, and Network Carrier information will be uploaded to the Identity portal.

F : The mobile phone can now be used as a MFA Authentication Factor.

Answer: A,B,F

Question 5

ACME Corporation employees access critical business web applications through CyberArk Identity. You notice a constant high volume of unauthorized traffic from 103.1.200.0/24 trying to gain access to the CyberArk Identity portal. Access to the CyberArk Identity portal is time sensitive. ACME decides to enforce IP restrictions to reduce vulnerability.

Which configuration can help achieve this?

A : Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the ACME Corporation IP range.

B : Log in to the CyberArk Identity Admin portal and define the IP range of 103.1.200.0/24 into the blocked IP range.

C : Implement device trust through the Windows Cloud Agent.

D : Implement zero trust through the App Gateway.

Answer: B

Name:	CyberArk Defender Access
Exam Code:	ACCESS-DEF
Certification:	CyberArk Defender
Vendor:	CyberArk
Total Questions:	65
Last Updated:	May 27, 2026

CyberArk ACCESS-DEF Answers