PAM Lab

Product Chosen: CyberArk Lab Task: Create a safe and add a privileged account.

Lab Question:

Using CyberArk, create a safe to store privileged credentials and add a privileged account to it, ensuring it’s accessible only to authorized users.

Answer (Steps):

  1. Sign up for a CyberArk trial at cyberark.com.

  2. Log into the CyberArk Privileged Access Security (PAS) web interface.

  3. Create a new safe:

    • Navigate to Safes (or Policies > Safes depending on the version).

    • Click Add Safe, enter a name (e.g., "TestSafe"), and set permissions (e.g., allow yourself full access).

    • Save the safe.

  4. Add a privileged account:

    • Go to Accounts > Add Account.

    • Platform: Select a platform (e.g., "Windows Domain Account").

    • Safe: Select "TestSafe".

    • Enter details: username (e.g., "admin"), password, and address (e.g., a dummy server name).

    • Save the account.

  5. Test access:

    • Return to the safe and retrieve the account credentials as an authorized user.

Verification:

  • As an authorized user, view or retrieve the account password from the safe.

  • If possible, log in as a different (unauthorized) user to confirm access is denied.

Setup Process:

  • Request a trial from cyberark.com.

  • CyberArk will provide deployment instructions (e.g., a cloud-based instance or VM download).

  • Deploy the PAS solution (e.g., on VMware) and follow the setup guide to configure the initial admin account and network settings.

Lab Question:

Configure CyberArk to record sessions for privileged accounts in the safe, allowing session review for auditing.

Steps:

  1. Log into the CyberArk PAS web interface.

  2. Enable session recording:

    • Go to Policies > Master Policy.

    • Under Privileged Session Management, check "Record and save sessions".

    • Configure settings (e.g., video format) and save.

  3. Apply to the safe:

    • Go to Safes, select "TestSafe", and edit properties.

    • Ensure safe members have "Use accounts" and "Retrieve accounts" permissions.

  4. Test the configuration:

    • Use a privileged account from the safe to access a target system (e.g., via RDP).

Verification:

  • Go to Monitoring > Sessions, locate and play back the recorded session.

  • Check for recording errors in the dashboard.

Setup Notes:

  • Ensure the Privileged Session Manager (PSM) is configured.

  • Use a test server or VM as the target.

Last updated