Identify three uses of the Knowledge-Based Authentication functionality provided by Oracle
Adaptive Access Manager.
Answer : A,B,C
Your portfolio trading customer is using Oracle Entitlements Server (OES) to externalize authorization decisions from their share dealing application.
The trading customer has stipulated the following policy need to be implemented:
- Customers can purchase shared only if their credit limit is 20% higher than the value of the shares in their basket at checkout.
The value of basket and a customer's credit limit are both available in the application, and can be passed to OES as part of an authorization request if required.
You are looking to implement the most efficient policy within OES. Which three steps would you implement?
Answer : B,D,F
Identity two authentication engines that are available in Oracle Identity Federation (OIF)
11g.
Answer : A,D
Which two mechanisms does Oracle Access Manager provide for credential collection during authentication?
Answer : A,C
What would you need to configure to migrate all agents (WebGates) with different transport security modes from Oracle Access Manager 10g to Oracle Access Manager 11g in the same transport security mode.
Answer : B
When defining an attribute on the Relying Party Partner Profile in Security Token Service, which three types of attribute sources are supported?
Answer : A,C,E
How would you add support for additional Internet Identity Providers for Oracle Access
Management Mobile and Social, other than the preconfigured ones such as Facebook and
LinkedIn? (Choose the best answer.)
Answer : D
Explanation:
Referencehttps://docs.oracle.com/cd/E37115_01/admin.1112/e27239/oicconfiginetidentitys rvcs.htm#AIAAG8280
Which protocol does WebGate use to communicate with the Access Manager server?
(choose the best answer.)
Answer : C
Explanation: http://docs.oracle.com/cd/E25178_01/doc.1111/e15478/keytool.htm
Which two features of Oracle Access Management Mobile and Social are supported only when it is integrated with Oracle Adaptive Access Manager?
Answer : A,C
Which three statements are true about OAM-OAAM advanced integration?
Answer : B,C,E
Which are the four valid token types that Oracle Mobile and Social can return to a mobile client on authentication?
Answer : B,C,E,F
How would you configure an authentication policy for federation in Oracle Access
Management 11gR2?
Answer : C
Your customer has deployed an employee portal that you have protected with Oracle
Access Manager (OAM). The customer now wants a new portlet added to the home page to display the employee's salary details. The portlet will obtain the information through a call an internally exposed web service. Your customer has defined the following security requirements for the new portlet:
1. Employees must be authenticated through risk-based authentication before they can access the portal.
2. The web service must be secured from unauthenticated calls.
3. All security logic for the web service must be external to the web service.
4. The web service should return salary details only if the user's authentication risk score is below 500.
Which four steps must you perform to meet the requirements for the new portlet?
Answer : A,B,C,D
What extra configuration must be performed only when a detached Credentials Collector is separated from a Resource WebGate and not when they are combined?
Answer : B
Identify three required steps for configuring OAM-OAAM basic integration.
Answer : A,B,C