최신 C2150-609 무료덤프 - IBM Security Access Manager V9.0 Deployment

문제1

The request in a customer environment is IDP Initiated unsolicited SSO. The initial URL is:
https://POCIDP/FIM/sps/saml2idp/sam120/logininitial?
RequestBinding=HTTPPost&Partnerld=https://POCSP/isam/sps/abc/saml20&NameIdForm at=email The POCIDP is Point of Contact for Identity Provider and POCSP is Point of Contact for Service Provider. The customer wants to configure TargetURL within the Service Provide' Federation configuration in IBM Security Access Manager V9.0.
What will satisfy this requirement?

A. itfim_override_targeturl_attr in the mapping rule

B. Target_URL in the mapping rule

C. Federation Runtime property TargetURL

D. poc.signin.responseTargetURL

정답: C

문제2

Multiple users are complaining about being denied access to resources they believe they are entitled to see. The IBM Security Access Manager (ISAM) V9.0 deployment professional needs to understand and troubleshoot the various access control constructs in the ISAM protected object space. The deployment professional must also understand the order of evaluation of the three major access control constructs available in the Policy Administration tool.
What is the correct order of evaluation for these constructs?

A. AuthzRule -> ACL -> POP

B. ACL -> AuthzRule -> POP

C. POP -> AuthzRule -> ACL

D. ACL -> POP -> AuthzRule

정답: D

문제3

A deployment professional in charge of a large deployment with replicated reverse proxy instances needs to keep junctions, template files, and configuration settings in sync between the instances.
How can this be done?

A. Setup appliance clustering and issue server sync all

B. Setup a master reverse proxy instance and issue server task target-instance sync source-instance

C. Setup a master reverse proxy instance and issue server task source-instance sync target-instance

D. Setup appliance clustering and issue server cluster sync

정답: A,D

문제4

An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded a snapshot from an ISAM virtual appliance configured with reverse proxy. This snapshot is being applied to another virtual appliance.
Which condition must be met before applying a snapshot form one virtual appliance to another?

A. Both appliances must be at the same firmware level

B. Both appliances must be in the same time zone

C. Both appliances must have the same activation keys applied

D. Both appliance must have same application database setting

정답: C

문제5

What are two key benefits of deploying IBM Security Access Manager V9.0? (Choose two.)

A. Enhanced user life-cycle management

B. Secure user access to web and mobile applications

C. Session Management Server module

D. Federated Single Sign On capabilities

E. Enhanced Session Recording features

정답: A,E

문제6

After a test cycle the deployment professional wants to search the WebSEAL WGA1 instance request log for HTTP 404 responses.
Where can this log be found in the Local Management Interface?

A. Monitor > Application Log Files, expand the var/logs/pdweb/WGA1 folder, select the request.log file and click View

B. Monitor > Manage Reverse Proxy Log Files, select the WGA1 instance, select the request.log file and click View

C. From the Home page, click on the WGA1 instance in Reverse Proxy Health widget, select the request.log file and click View.

D. Secure Web Settings > Reverse Proxy, select the WGA1 instance, access the Manage
> Troubleshooting > Tracing menu item, select the request.log file and click View

정답: B

문제7

A deployment professional is configuring context based access for a protected resource junctioned by WebSEAL.
What must be explicitly set in order to invoke the runtime security services EAS to authorize a request?

A. Trigger-url

B. Protected Object Policy (POP)

C. Policy Information Point (PIP)

D. Authorization rule

정답: B

문제8

In a customer environment, a REST API client is being developed to carry out Reverse Proxy configuration and maintenance. As part of one of the activities the customer needs to update the junction information with an additional Backend Server. The customer has written a REST API client but is not able modify the junction.
Which HTTP headers should the customer pass?

A. content-type:application/json, Authorization

B. Host, Accept: Application/json

C. Host, Authorization

D. Authorization, Accept:Application/json

정답: D

문제9

What out-of-the-box feature of IBM Security Access Manager (ISAM) V9.0 enables invalidating a defined collection of back-end server generated HTTP cookies when the user logs off WebSEAL?

A. cookie jar

B. logout-remove-cookie attribute in webseal.conf

C. /pkmslogout

D. -k option on junction create command (server task create)

정답: B

문제10

The customer directory environment includes two Active Directory (AD) Domain Controllers (DC) managing separate suffixes (one for corporate users, one for field offices), and one occurrence of Oracle Directory Server (ODS). The business requirement states the AD for corporate users is optional and the environment should remain available even if this DC is down. There are no duplicate users across these directories.
After configuring all directories in the Secure Web Settings -> Runtime Component -> Manage -> Federated Directories, how can this requirement be achieved?

A. Edit the resulting Idap.conf and add the "ignore-if-down = yes" to the AD for the corporate.

B. Edit the resulting Idap.conf and add the "max-server-connections = 0" to the AD for the corporate.

C. Ensure the "Required" checkbox is checked for both the field office AD and the ODS server.

D. Edit the resulting Idap.conf and add the "ignore-if-down = yes" to the AD for the field offices and ODS server.

정답: A

최신 C2150-609 무료덤프 - IBM Security Access Manager V9.0 Deployment

우리와 연락하기

유용한 링크

최신 업데이트