IBM C2150-202 - IBM Security Access Manager for Mobile V8.0 Implementation Exam
Page: 1 / 14
Total 70 questions
Question #1 (Topic: )
Which two values are valid for the self-diagnostic test command for hardware appliances?
(Choose two.)
(Choose two.)
A. Stat
B. Disk
C. Blocks
D. Storage
E. Network
Answer: D,E
Question #2 (Topic: )
A security analyst created the following ISAM for Mobile policy and attached the policy to a
protected resource:
Precedence: Deny
- Attributes: Optional
-Rule 1: If riskScore >40 or ipReputation has member Malware Then Deny
Access to the protected resource is always denied.
What should be done to troubleshootthe policy evaluation?
protected resource:
Precedence: Deny
- Attributes: Optional
-Rule 1: If riskScore >40 or ipReputation has member Malware Then Deny
Access to the protected resource is always denied.
What should be done to troubleshootthe policy evaluation?
A. Add com.ibm.sec.auth.'=all to your trace string on the Monitor > Runtime Tracing. The trace file is available at Monitor > Application Log Files and then navigating to mga/runtime/trace.log in the file picker.
B. Add com.ibm.mga.auth.'=all to your trace string on the Monitor > Runtime Tracing. The trace file is available at Monitor > Application Log Files and then navigating to mga/runtime/trace.log in the file picker.
C. Add com.ibm.sec.authz.'=all to your trace string on the Monitor > Runtime Tracing. The trace file is available at Monitor > Application Log Files and then navigating to mga/runtime/trace.log in the file picker.
D. Add com.ibm.mga.authz.'=all to your trace string on the Monitor > Runtime Tracing. The trace file is available at Monitor > Application Log Files andthen navigating tomga/runtime/trace.log in the file picker.
Answer: C
Question #3 (Topic: )
A security analyst created an ISAM for Mobile policy to perform context based authorization
checks based on custom attributes and attached it to a protected resource.
The security analyst discovered that access to the protected resource is always getting
denied.
To troubleshoot you check:
? The WebSEAL configuration file contains a post-data entry in the [azn-decision-
info] stanza.
? The datatype entry is specified in the [user-attribute-definitions] stanza for this azn-
decision-info attribute is of type date.
? WebSEAL trace shows that the <post-data-name> value found for the post-data
entry is 'May 20. 2013.
Which change in data format will resolve this issue?
checks based on custom attributes and attached it to a protected resource.
The security analyst discovered that access to the protected resource is always getting
denied.
To troubleshoot you check:
? The WebSEAL configuration file contains a post-data entry in the [azn-decision-
info] stanza.
? The datatype entry is specified in the [user-attribute-definitions] stanza for this azn-
decision-info attribute is of type date.
? WebSEAL trace shows that the <post-data-name> value found for the post-data
entry is 'May 20. 2013.
Which change in data format will resolve this issue?
A. 2013-05-20 06:00
B. 2013-05-20:06:00
C. 2013-05-20-06-00
D. 2013-05-20-06:00
Answer: A
Question #4 (Topic: )
A customer has the following limitation for OAuth2 workflow: OAuth clients shall keep their
client credentials confidential when authenticating with the authorization server.
Which authorization grant type is suitable for this work flow limitation?
client credentials confidential when authenticating with the authorization server.
Which authorization grant type is suitable for this work flow limitation?
A. Client credential flow
B. Authorization code flow
C. Access token with refresh token flow
D. Client authorization code credential flow
E. Resource owner password credentials flow
Answer: A,B
Question #5 (Topic: )
Which two SSL certificate file types are supported by ISAM for Mobile? (Choose two.)
A. .der
B. .kdb
C. .p12
D. .arm
E. .pern
Answer: B,C
