IBM Security Access Manager V9.0 Deployment v1.0 (C2150-609)

Page:    1 / 10   
Total 138 questions

In a Web Commerce environment, a "/shoppingcart" junction with four back-end application servers is created on the IBM Security Access Manager V9.0 Web
Reverse Proxy. The back-end servers are not using session replication.
Which action is appropriate for maintaining session state when creating the junction?

  • A. Create a WebSEAL-to WebSEAL_junction
  • B. Configure the junction so that the "least-busy" algorithm
  • C. Configure the junction so that it is configured to be a stateful junction
  • D. Configure the junction to insert user session data "user_session_id" into the HTTP headers


Answer : D

Reference:
https://publib.boulder.ibm.com/tividd/td/ITAME/GC23-4682-00/en_US/HTML/ws-agmst87.htm

A company is planning to deploy an IBM Security Access Manager (ISAM) V9.0 cluster to provide high availability services to its customer. ISAM cluster members are separated by a firewall.
Which port(s) should be open in the firewall to assure normal cluster service functionality?

  • A. 21
  • B. 22
  • C. 2020
  • D. 2020 to 2050


Answer : B

Reference:
http://www.redbooks.ibm.com/redpapers/pdfs/redp5256.pdf
(35)

An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded the ISAM V9.0 installation files from the IBM Passport Advantage site.
XenServer 6.2 will be the hypervisor technology used for a new ISAM Virtual Appliance installation.
What is the installation media file type needed to deploy the new ISAM appliance on XenServer?

  • A. pkg file
  • B. img file
  • C. vhd file
  • D. ove file


Answer : C

Reference:
http://www-01.ibm.com/support/docview.wss?uid=swg27046801&aid=12
(21)

The IBM Security Access Manager (ISAM) V9.0 deployment professional has recently discovered an entire deployment of over 100 junctions was performed incorrectly.
How can a repair operation be scripted for this, and future deployment personnel?

  • A. Use the CLI SSH interface, navigating to isam-> admin and authenticating as sec_master.
  • B. Use a text editor and create the correct junction XML files, then import them using the LMI.
  • C. Use the LMI Secure Web Settings-> Reverse Proxy-> Manage-> Junction Management interface.
  • D. Use the REST API interface https://{appliance_hostname}/isam/pdadmin, JSON files and the CURL utility.


Answer : C

A deployment professional needs to configure a JavaScript into an application before a user can access a resource protected by an IBM Security Access Manager
V9.0 Advanced Access Control policy which calculates a Risk Score.
What is the name of this JavaScript?

  • A. info.js
  • B. init_acc.js
  • C. setup_riskscore.js
  • D. dynamic.attributes.js


Answer : D

Reference:
http://www-01.ibm.com/support/docview.wss?uid=swg27049641&aid=16
(163)

Which hardware component is included in an IBM Security Access Manager V9.0 hardware appliance?

  • A. UPS
  • B. IPMI port
  • C. LCD Panel
  • D. InfiniBand port


Answer : C

Reference:
https://www.ibm.com/support/knowledgecenter/en/SSPREK_9.0.3/com.ibm.isam.doc/isam90_quickstart_hardware.html

Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?

  • A. QNX
  • B. Hyper-V
  • C. VMware ESXi
  • D. RHEL Workstation


Answer : C

Reference:
https://www.ibm.com/support/knowledgecenter/en/SSELE6_8.0.0/com.ibm.ammob.doc_8.0/isam80_quickstart_virtual.html

A deployment professional wants to ensure traffic from a Reverse Proxy to a junction backend application server goes out over a specific interface.
How can this be accomplished?

  • A. Create a new management interface.
  • B. Create a new application interface
  • C. Create a static route to the backend server
  • D. Create a new interface in the reverse proxy configuration file


Answer : A

What are two key benefits of deploying IBM Security Access Manager V9.0? (Choose two.)

  • A. Session Management Server module
  • B. Enhances user life-cycle management
  • C. Enhanced Session Recording features
  • D. Federated Single Sign On capabilities
  • E. Secure user access to web and mobile applications


Answer : BE

A deployment professional is developing a script using REST APIs to monitor the status of WebSEAL instances.
Which attribute and value indicates a WebSEAL instance is down?

  • A. Instance "health" with a value of "1".
  • B. Instance "status" with a value of "running".
  • C. Root junction (/) "health" with a value of "1".
  • D. Root junction (/) "status" with a value of "running".


Answer : A

There is a connectivity issue between the IBM Security Access Manager V9.0 Reverse Proxy and the backend business application.
What troubleshooting command under Tools in the application SSH interface can be used to validate the Reverse Proxy can successfully connect to the backend host:port?

  • A. ping
  • B. connect
  • C. traceroute
  • D. connections


Answer : D

An OAuth client intermittently receives an error related to maximum number of tokens exceeded.
What property should be adjusted to prevent this error?

  • A. Set the strict_limit to variable
  • B. Set least_recently_used to true
  • C. Increase limit_oauth_tokens_per_user_per_client
  • D. Increase max_oauth_tokens_per_user_per_client


Answer : D

Reference: https://www.ibm.com/support/knowledgecenter/zh/SSELE6_8.0.1.3/com.ibm.isam.doc/config/concept/OAuth_token_limits.html

An IBM Security Access Manager V9.0 deployment at a customer has enabled audit.authz, audit.authn, audit.http for meeting auditing requirements and results in large volume of audit records and poses significant data management challenges to the client. The customer wants to exclude the audit events to certain static resources such as images.
What action should be taken to implement this?

  • A. Disable audit.http events only
  • B. Disable audit.http.unsuccessful events only
  • C. Define a POP with the audithttp set to "no"; attach this to the static resources
  • D. Define an ACL with the audithttp operation set to "no"; attach this to the static resources


Answer : D

The security deployment professional of an IBM Security Access Manager V9.0 solution has been using routing files to customize message logging.
Which aspect of the logging activity can be controlled?

  • A. Size of log file
  • B. Delete log files
  • C. Log compression
  • D. HTML formatting


Answer : A

A company has deployed an IBM Security Access Manager V9.0 solution with two Web reverse proxies and a load balancer in front them. The Web reverse proxy servers are configured with Distributed Session Cache (DSC).
Which two statements describe this deployment to DSC? (Choose two.)

  • A. It stores the last login timestamp.
  • B. It provides controls over the maximum number of allowed concurrent sessions per user.
  • C. It enables a standby Policy Server to be promoted to master if the primary Policy Server fails.
  • D. It means that a user who has logged in to reverse proxy is not required to log in again if it fails and a load balancer routes the user"™s traffic to another reverse proxy.
  • E. It forces all reverse proxies to perform authorization checks on the same protected object space, which reduces the number of places where ACLs and POPs need to be specified.


Answer : BC

Reference:
https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.0/com.ibm.isam.doc/wrp_config/concept/con_sms.html

Page:    1 / 10   
Total 138 questions