Valid CPC-CDE-RECERT Dumps shared by EduDump.com for Helping Passing CPC-CDE-RECERT Exam! EduDump.com now offer the newest CPC-CDE-RECERT exam dumps, the EduDump.com CPC-CDE-RECERT exam questions have been updated and answers have been corrected get the newest EduDump.com CPC-CDE-RECERT dumps with Test Engine here:
You need to map an enterprise's Active Directory to Privilege Cloud Shared Services to enable users to log in to CyberArk through their LDAP credentials. What do you need to accomplish this? (Choose two.)
Correct Answer: B,D
CyberArk documents that to provision/authenticate users based on on-prem directory services using LDAP with Shared Services, you must first install the Identity Connector. CyberArk also states LDAP communication to the Identity Connector is over TLS/SSL, and during the TLS handshake the LDAP server must present an X.509 certificate, meaning the connector must be able to trust the LDAP/LDAPS certificate chain (i.e., a trusted certificate on the connector side is required for LDAPS trust). Therefore, the correct choices are B (Identity Connector) and D (trusted LDAP server certificate on the connector). Why the other options are not correct as stated: * C is wrong because LDAPS (636) is between the Identity Connector and the domain controllers /LDAP server, not "opened to the Privilege Cloud back-end" directly. * E is not required for LDAP credential login; federated domains are used for federation/SSO use cases, while LDAP mapping is handled via the connector + LDAPS trust. * A (read-only domain user) is commonly used as the Bind DN/service account, but in the Shared Services LDAP requirement set here, the two must-have items that CyberArk calls out for enabling this path are the Identity Connector and the LDAPS certificate trust.