CyberArk University

CDE EPM Challenge Lab Guide

Exercise Guide
Contents
INTRODUCTION ..............................................................................................................................................................3
USING SKYTAP ...............................................................................................................................................................3
INTERNATIONAL USERS ....................................................................................................................................................7
NETWORK & USER ENVIRONMENT INFORMATION...............................................................................................................10
ACCESSING EPM ..........................................................................................................................................................11
CYBERARK EPM CHALLENGE FILES ..................................................................................................................................15
THE CDE EPM CHALLENGE ............................................................................................................................................16
GENERAL INSTRUCTIONS ................................................................................................................................................16
ASSIGNED TASKS ..........................................................................................................................................................17
TASK 1: GENERAL EPM SET ADMINISTRATION .......................................................................................................17
TASK 2: PRIVILEGE MANAGEMENT COLLECTION ....................................................................................................17
TASK 3: CREATE EPM BASELINE POLICIES ............................................................................................................18
TASK 4: ENABLE PRIVILEGE ELEVATION FOR AN APPLICATION FOR IT ...................................................................18
TASK 5: TROUBLESHOOT AND RESOLVE A POLICY NOT WORKING .........................................................................19
TASK 6: ALLOW IT TO MANAGE PROTECTED FILES .................................................................................................19
TASK 7: ALLOW IT TO MANAGE LOCAL USERS AND GROUPS ON ALL ENDPOINTS ..................................................19
TASK 8: PROVIDE ALL USERS CONTROL TO STOP AND START A SERVICE ..............................................................19
TASK 9: BLOCK AN APPLICATION .............................................................................................................................20
TASK 10: ENABLE APPLICATION CONTROL COLLECTION .......................................................................................20
TASK 11: TROUBLESHOOT AND RESOLVE AN APPLICATION NOT FUNCTIONING .....................................................20
TASK 12: EXCLUDE AN APPLICATION FROM RANSOMWARE PROTECTION ..............................................................20
TASK 13: GENERATE AN EPM REPORT ..................................................................................................................20
TASK 14: PROTECT FROM CREDENTIAL THEFT .......................................................................................................20
TASK 15: WORKING WITH CYBERARK SUPPORT....................................................................................................20
Important Notice
Conditions and Restrictions
This Guide is delivered subject to the following conditions and restrictions:
This guide contains proprietary information belonging to Cyber-Ark® Software Ltd. Such information is supplied solely for
the purpose of assisting explicitly and properly authorized users of the Cyber-Ark Vault.
No part of its contents may be used for any other purpose, disclosed to any person or firm or reproduced by any means,
electronic and mechanical, without the express prior written permission of Cyber-Ark® Software Ltd.
The software described in this document is furnished under a license. The software may be used or copied only in
accordance with the terms of that agreement.
The text and graphics are for the purpose of illustration and reference only. The specifications on which they are based are
subject to change without notice.
Information in this document is subject to change without notice. Corporate and individual names and data used in
examples herein are fictitious unless otherwise noted.
Third party components used in the Cyber-Ark Vault may be subject to terms and conditions listed on www.cyber-
ark.com/privateark/acknowledgement.htm.
Acknowledgements
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org/).
This product includes cryptographic software written by Eric Young ([email protected]).
This product includes software written by Tim Hudson ([email protected]).
This product includes software written by Ian F. Darwin.
This product includes software developed by the ICU Project (http://site.icu-project.org/) Copyright © 1995-2009
International Business Machines Corporation and other. All rights reserved.
This product includes software developed by the Python Software Foundation. Copyright © 2001-2010 Python Software
Foundation; All Rights Reserved.
This product includes software developed by Infrae. Copyright (c) 2004 Infrae. All rights reserved.
This product includes software developed by Michael Foord. Copyright (c) 2003-2010, Michael Foord. All rights reserved.
Copyright
© 2000 - 2024 Cyber-Ark Software, Ltd. All rights reserved. US Patent No 6,356,941.
Cyber-Ark®, the Cyber-Ark logo, the Cyber-Ark slogan, PrivateArk™, Network Vault®, Password Vault®, Inter-Business Vault®,
Vaulting Technology®, Geographical Security™ and Visual Security™ are trademarks of Cyber-Ark Software Ltd.
All other product names mentioned herein are trademarks of their respective owners.
Information in this document is subject to change without notice.

CyberArk University Exercise Guide Page 2

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
Introduction
Using Skytap

Before beginning exercises, here are a few tips to help you navigate the labs more effectively.
You can refer to the section for Error! Reference source not found.International Users for
instructions on changing the keyboard.

1. Using your computer, open Google Chrome (or another web browser) and browse to
https://training.cyberark.com. Log in using your existing username / password
credentials for the CyberArk Training portal.

2. Search for EPM Technical Challenge then click on EPM Technical Challenge – Lab
(or EPM Technical Challenge – Retake if you are attempting the challenge for an
additional attempt).

3. Click on Content.

4. Click on CyberArk Partner CDE – EPM Challenge Guidelines to download and review
the EPM CDE Challenge Guidelines.

5. On the right navigation menu, click on EPM CDE Challenge Lab Guide to download
and review the EPM CDE Challenge lab guide that outlines each task required to
complete the challenge.

Note: The actual title of the EPM CDE Challenge Lab Guide might vary.

6. On the right navigation menu, click on EPM CDE Challenge Lab to launch the lab
environment that will be used to complete the challenge.

Note: The actual title of the EPM CDE Challenge Lab might vary.

CyberArk University Exercise Guide Page 3

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
7. Click Launch and wait for the lab to be provisioned. This will take a few minutes.

8. Once the lab is ready, the following button will appear:

9. Click Launch and check all VMs are properly started as below:

10. Review the EPM Tenant connection information. This information will be used
throughout the lab environment to authenticate to the EPM administration console.

CyberArk University Exercise Guide Page 4

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 < Insert provided username here >

< Insert provided password here >

Note: If you encounter any issues or errors while trying to launch the lab environment and/or
the EPM Tenant connection information does not display your assigned connection
details, please notify CyberArk EPM CDE Challenge Support by sending an email to:
[email protected]

Please provide your full name, email address used to register for the challenge, and a
brief description of the errors/issues you encountered.

11. To connect to a specific virtual machine, click on the monitor icon associated with each
virtual machine.

12. Use the Ctrl-Alt-Del button on the tool bar to send a Ctrl-Alt-Del to the machine.

CyberArk University Exercise Guide Page 5

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
13. The clipboard icon will allow you to copy and paste text between your computer and
your lab machine.

14. The full screen icon will resize your virtual screen to adapt to your computer’s screen
settings to avoid scrolling.

CyberArk University Exercise Guide Page 6

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
15. You may need to adjust your bandwidth setting on slower connections.

International Users

By default, the lab machines are configured to use a US English keyboard layout. If you use
a machine from a country other than the US, you may experience odd behavior from your lab
machines. The solution is to install the keyboard layout for your keyboard on our lab
machines. Follow the process below to find and configure the correct keyboard layout for
your keyboard.

1. From the Start Menu launch “Add a language.”

CyberArk University Exercise Guide Page 7

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
2. Click “Add a language.”

3. Select your language. Click Open.

4. Select your specific locality or dialect. Click Add.

CyberArk University Exercise Guide Page 8

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
5. With the option English (United States) selected, click the Move down button. This will
make your language the default. Don’t remove US English altogether as your instructor
may need it if he/she connects to your machine.

Note: If you use an alternate keyboard layout (e.g. AZERTY, Dvorak) you can click on the
options next to your language to install that. Otherwise, close the Language window.

CyberArk University Exercise Guide Page 9

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
6. In the system tray, click ENG, then choose your keyboard layout. You may switch back
and forth between keyboard layouts. Your instructor may need to switch back to ENG to
help you with exercises.

Network & User Environment Information

The network and user configuration information are provided for reference. You have full
access to the network resources. Acme Corp has provided usernames for access to the
domain and for endpoint testing. Access to the domain controller is provided if needed.

Note: The default password for all accounts is Cyberark1

Network Information:

Domain: acme.corp
Hostname IP Address VM Host
dc01.acme.corp 10.0.0.2 Domain Controller
winwks01.acme.corp 10.0.30.1 Workstation

User Information:

Username Group Membership Password Description

wkslocaladmin Administrators Cyberark1 Local Administrator

administrator Domain Admins Cyberark1 Built-in Domain Administrator
winadmin01 WindowsAdmins Cyberark1 Windows Admin (Domain)
standarduser01 Domain User Cyberark1 Standard User (Domain)

CyberArk University Exercise Guide Page 10

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 developer01 Developers Cyberark1 Developer User (Domain)

Accessing EPM

1. Connect to the Workstation virtual machine by clicking on the monitor icon.

2. Log in and authenticate to the Workstation machine using the acme\standarduser01

username and Cyberark1 password.

3. Open Google Chrome and browse to the EPM Tenant URL provided (example shown
below).

CyberArk University Exercise Guide Page 11

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 URL

https://acme-corp.id.cyberark.cloud

4. When prompted for Sign In, enter your <username> as provided, then click Next.

CyberArk University Exercise Guide Page 12

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
5. When prompted to authenticate, enter your <password> as provided, then click Next.

CyberArk University Exercise Guide Page 13

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
6. Locate and click EPM-Training within the CyberArk Identity User Portal to connect to
the EPM console.

CyberArk University Exercise Guide Page 14

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
Note: This lab environment will use the CyberArk Identity Portal to connect to the EPM
console. Reference these connection procedures to use throughout the exercise guide
to access the EPM console.

CyberArk EPM Challenge Files

Some software for this challenge is already pre-installed on the Workstation machine.
Other files and software that will used can be found in a folder labeled EPMChallenge on
the Desktop for the standarduser01 profile:
C:\Users\standarduser01\Desktop\EPMChallenge

CyberArk University Exercise Guide Page 15

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
The CDE EPM Challenge

Objective: The Acme Corporation (“customer”) has implemented CyberArk Endpoint

Privilege Manager solution to secure and protect endpoints in the enterprise.
The customer is having endpoint security issues that need to be resolved.
Additionally, the customer wants to enable other EPM features and functionality
including Threat Protection and Ransomware prevention to be applied in the
environment to reduce the attack surface and mitigate security risks.

General Instructions
1. You will have access to the lab for 7 calendar days to complete the challenge and
complete all the objectives and tasks defined herein.
a. Labs submitted for review after 7 days will not be reviewed and will be recorded
as failed.
2. Review the “CyberArk Partner CDE EPM Challenge Guidelines” document
downloadable from the training website. The CDE EPM Challenge Guidelines can be
used as a reference guide for all CDE EPM Challenge labs and assignments.
3. Refer to CyberArk EPM documentation, the CyberArk Marketplace, or CyberArk Tech
Community to complete your tasks if you need further assistance.

4. Only the registered CDE EPM Challenge candidate (yourself) is allowed to configure
the provided CyberArk CDE EPM Challenge lab environment.

5. All questions related to the CDE EPM Challenge must be sent to

[email protected] but no technical assistance will be provided
beyond what is included in this guide.

6. Once you have completed the challenge, please email the Skytap Lab URL and the
email address you used to register for the challenge to:
[email protected]

Note: If any of the tasks in the CDE EPM Challenge cannot be solved or
accomplished using CyberArk EPM, then please include the task number and a brief
explanation explaining why EPM cannot be used to solve that task with your
completion correspondence.

7. Please note the requirement that all polices created during this challenge, shall have
strict naming convention.

a. Each task requiring a policy to be created should use the following format:

CyberArk University Exercise Guide Page 16

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 <Task_Number>-<Candidate_Name><Year_Month_day>

Example: Task4-JohnDoe-20240112

b. Policy deletion is not permitted. If you make a mistake after creating a policy,
then deactivate the policy and create a new one in its place. In case you do not
need a policy, deactivate it. Please provide any special instructions to CyberArk
making note of changes that you made to remove any confusion.

8. Throughout the challenge, do not delete data, such as events, audit logs,
configurations, etc.

9. All tasks are in chronological order. Please do not skip back and forth. Some tasks
depend on previous tasks’ outcomes.

10. Refer to the Introduction section for more information regarding the lab environment,
network and user information, and other file resources to be used for this challenge.

Assigned Tasks
Task 1: General EPM set administration
1. Log in and authenticate to the Workstation machine using the acme\standarduser01
username and Cyberark1 password.
2. Open Google Chrome and log in and authenticate to the EPM web console using the EPM
account created for this training challenge.
3. The Acme Corp IT Security Team has identified an application that is required by the
enterprise to be excluded always from all Windows endpoints protected by EPM. Define an
exclusion for an application called CyberSec. Here are the general specifications of the
CyberSec application:
Base Application Directory: C:\Program Files\CyberSec
Software Drivers Directory: C:\Windows\Drivers\CyberSec.dll
Digital Publisher Signature: CyberSec LLC
4. Install the EPM agent onto the Workstation machine.
5. Enable EPM to show the EPM Tab in File Properties.
6. Enable EPM to hide the EPM Control Panel on Desktop icon.
7. Activate the EPM agent in Demo Mode.
8. Enable EPM to collect policy usage data.
Task 2: Privilege Management collection
1. Create a new End-user UI Dialog duplicated from Application requires admin privileges (UAC)
Name: PM Detect Dialog
Title bar: PM Detect Dialog (UAC)
Headline: Privilege Management - Detect
2. Configure the Default Policies → Privilege Management to Detect Mode

CyberArk University Exercise Guide Page 17

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 • Show EPM Notifications for standard users. Use the newly created PM Detect Dialog
notification.
• Allow users to create privilege elevation requests.
• Collect privilege elevation from all users and all computers.
Task 3: Create EPM baseline policies

NOTE: For this task/assignment, create the policy names as described below. Do not create
the policy names using the <Task_Number>-<Candidate_Name>-<Year_Month_Day>
format described for all other tasks.

Create the following EPM baseline policies:

1. Create Advanced Policies for each policy action (Block, Allow, Elevate, and Elevate if
Necessary) to govern and protect all endpoints, users, and groups in the Set.
• Use a standard policy naming convention as described in the Application Policy
Guidelines section of the online documentation.
Example: All-Block-Applications
• Define a policy priority hierarchy for each baseline policy to set the Block policy for
a higher priority and the other policy actions to a lower priority.
• Add / define an initial executable application for each policy using the following
parameters:
File Name: dummy.exe
• For added security and ease of EPM administration, assign the EPM default
Application Group policies for each policy action to their associated Advanced
Policy being created as a defined application.
2. Create Advanced Policies for a functional role to support IT Engineers/Administrators for
only Elevate and Elevate if Necessary policy actions. Target the policy to govern and
protect all endpoints in the Set, but only for the IT Engineers/Administrators for Acme Corp.
Use the ACME\WindowsAdmins AD Security Group.
• Use a standard policy naming convention as described in the Application Policy
Guidelines section of the online documentation.
• Define the policy priority to be set to a lower priority than the Block policy for all
endpoints, but also higher than the other policy actions for all endpoints. This will
ensure the IT Engineers/Administrators policies will override the standard policy
actions except for Block.
• Add / define an initial executable application for each policy using the following
parameters:
File Name: dummy.exe

NOTE: Refer to CyberArk online documentation for EPM for more information. Review the Get
Started → Best Practices → Application Policy Guidelines section for more detailed
information and general recommendations.

Task 4: Enable privilege elevation for an application for IT

Acme Corp has authorized ACME\WindowsAdmins AD Security Group to run the application
cmd.exe with privilege elevation. For security, audit, and compliance purposes, Acme Corp
requires an audit history of each time the cmd.exe application is run with privilege elevation by
collecting policy audit data. The cmd.exe application is also permitted to be run by all other

CyberArk University Exercise Guide Page 18

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 standard users, however not with privilege elevation. Policy audit data collection is not required
when running cmd.exe without privilege elevation.

1. Create new EPM policies to support the cmd.exe use cases for Acme Corp. Create the
policy names using the <Task_Number>-<Candidate_Name>-<Year_Month_Day>
naming convention as described in this exercise guide.
2. Test the newly created policies to ensure the application cmd.exe is functionally working
according to the Acme Corp requirements.
Task 5: Troubleshoot and resolve a policy not working
A policy file has been created to enable users to run and execute the Notepad++ installation
package with privilege elevation. The policy file needs to be imported and is located here:
C:\Users\standarduser01\Desktop\EPMChallenge\Task5-EPMCDE.epmp

After importing the policy file, it has been reported that all users are not able to install the
Notepad++ application properly, therefore the imported policy is not working correctly. The
expected result should allow all users on all endpoints to be able to run and execute the
Notepad++ installation executable located here:
C:\Users\standarduser01\Desktop\EPMChallenge\npp.7.9.5.Installer.x64.exe

Can you help Acme Corp troubleshoot and resolve this newly imported policy?
1. Import the Task5-EPMCDE.epmp policy file and active the newly imported policy.
2. Troubleshoot and fix the newly imported policy to allow all users to install Notepad++
3. After troubleshooting and fixing the policy, install Notepad++ as standarduser01. Install the
application with the default settings.
4. Verify Notepad++ is successfully installed and try running the application as a standard
user to make sure it is running properly.
Task 6: Allow IT to manage protected files
IT Engineers/Administrators at Acme Corp are authorized to edit the Windows “hosts” file on all
endpoints. IT Security, however, requires that all text editors such as Notepad or Notepad++
cannot be run with privilege elevation to support this functional use case.

Create an EPM policy to grant the ACME\WindowsAdmins AD Security Group functional role full
control file permissions to edit the “hosts” file at the following location:
C:\windows\system32\drivers\etc\hosts
Task 7: Allow IT to manage local users and groups on all endpoints
IT Engineers/Administrators need to run the Computer Management utility to manage local users
and groups with privilege elevation.

Create an EPM policy to provide ACME\WindowsAdmins AD Security Group with the functionality
to elevate privilege for Local Users and Groups.
Task 8: Provide all users control to stop and start a service
Acme Corp has authorized all users to be able to manage the Windows Time Service on each
endpoint.

Create an EPM policy to provide all users the ability to stop and start the Windows Time service on
endpoints. The service is named W32Time.

CyberArk University Exercise Guide Page 19

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
Task 9: Block an application
IT Security at Acme Corp has identified that the application FileZilla is not authorized to be run and
executed an any endpoint within the enterprise.

Create a policy to prevent FileZilla from running and executing. Some endpoints already have this
software installed, including the workstation WINWKS01, however until IT can identify all endpoints
with FileZilla installed, help Acme Corp prevent this application from running.
Task 10: Enable Application Control collection
Acme Corp would like to use EPM to provide additional protection for application control. To
assist with their efforts and requirements configure EPM to perform the following functions:
1. Enable application control to block applications downloaded from the Internet.
2. Enable application control to restrict unhandled applications.
3. Enable EPM Ransomware protection to restrict unwanted malicious attacks on endpoints
that might include malware to steal sensitive data, while encrypting and holding for ransom.
Task 11: Troubleshoot and resolve an application not functioning
After enabling Application Control and Ransomware Protection with EPM, it has been reported that
the CyberArk EPM browser plugin is no longer functioning properly.

Can you help Acme Corp fix and resolve this issue by creating an EPM policy to trust all files
signed by CyberArk Software Ltd. as well as all children processes?
Task 12: Exclude an application from ransomware protection
IT Security is still in the process of evaluating an application named DataMine.exe. Because this
application will access and potentially modify various file types, IT Security would like to exclude
this application from EPM Ransomware Protection.

Create an EPM policy to assist Acme Corp with excluding the DataMine application from
ransomware protection using the following application parameters:
LocationType: is on local disk only
File Name: DataMine.exe
Signed by: DataMine Corp
Task 13: Generate an EPM report
IT Security would like to receive a weekly report that can be automatically distributed to their email
distribution inbox for all Ransomware Events. They are requesting this report to be in CSV format.

Can you help them generate this report and send to: [email protected]?
Task 14: Protect from credential theft
IT Security has identified that users are storing sensitive credentials within Google Chrome
browser cache to assist with automatically authenticating to various web resources. The CISO at
Acme Corp would like to protect all credentials stored in Google Chrome to prevent potential
malicious attacks to harvest credentials and minimize their threat surface.

Can you help implement an EPM policy that can prevent credentials from being harvested and
stolen from Google Chrome cache?
Task 15: Working with CyberArk Support
Acme Corp is having trouble configuring EPM to allow privilege elevation for an application named
CheckAccess.exe.

CyberArk University Exercise Guide Page 20

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.
 After contacting CyberArk Support, they have been instructed to gather a collection of files from
EPM to include with the support ticket request. Can you help Acme Corp gather the needed EPM
files for this support case?

The problem reported in this support case is described as the following issue:
“Acme Corp cannot elevate the application CheckAccess.exe, although it has been configured
and included with the correct elevation policy.”
1. Gather and collect the EPM files that CyberArk Support is requesting to be attached to this
support case. Make sure the files are bundled into a ZIP archive to provide an easy and
efficient method for attaching/uploading to the support case. Save and store all the needed
support files in the following location:
C:\Users\standarduser01\Desktop\EPMChallenge\Support\
2. In addition to gathering and collecting the necessary EPM files, CyberArk Support has also
requested to include a brief description of the problem being reported into a simple text file
labeled SupportCase.txt. Open and edit this file located in the Support subdirectory and
include a subject summarizing the reported issue along with including a brief description of
the issue as stated above.

NOTE: To create the support information archive file use either the EPM agent command-line
utility or Windows system tray notification area for the EPM agent.

CyberArk University Exercise Guide Page 21

© Cyber-Ark® Software Ltd - No part of this material may be disclosed to any person or firm or reproduced by any means, electronic and mechanical,
without the express prior written permission of Cyber-Ark® Software Ltd.