New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

IBM C2150-609 IBM Security Access Manager V9.0 Deployment Exam Practice Test

Demo: 20 questions
Total 137 questions

IBM Security Access Manager V9.0 Deployment Questions and Answers

Question 1

A stateful junction /WebApp is added to a Web reverse proxy instance with two backend HTTP servers. When one of the backend server stops responding to the requests, the users are getting the "Third Party Not Responding” error message even though one of the backend server continues to respond.

Which parameter needs to be added to the configuration file so that "Third Party Not Responding" error page is not rendered and the user is connected to the backend server that is responding?

Options:

A.

use-same-session = yes

B.

use-new-stateful-on-error = yes

C.

failover-include-session-id = yes

D.

enable-failover-cookie-for-domain = yes

Question 2

A deployment professional needs to configure a JavaScript into an application before a user can access a resource protected by an IBM Security Access Manager V9.0 Advanced Access Control policy which calculates a Risk Score.

What is the name of this JavaScript?

Options:

A.

info.js

B.

init_acc.js

C.

setup_riskscore.js

D.

dynamic.attributes.js

Question 3

What are two key benefits of deploying IBM Security Access Manager V9.0? (Choose two.)

Options:

A.

Session Management Server module

B.

Enhanced user life-cycle management

C.

Enhanced Session Recording features

D.

Federated Single Sign On capabilities

E.

Secure user access to web and mobile applications

Question 4

An IBM Security Access Manager V9.0 systems deployment professional needs to protect a back-end web applications from SQL injection attacks that match signatures from the IBM X-Force signature database.

Which action needs to be performed?

Options:

A.

Simulation Mode must be enabled and a Risk Profile must be specified.

B.

Web Content Protection must be enabled and a Risk Profile must be specified.

C.

Simulation Mode must be enabled and a Registered Resource must be specified.

D.

Web Content Protection must be enabled and a Registered Resource must be specified.

Question 5

A deployment professional has created a new SAML 2.0 Service Provider federation and added an Identity Provider partner.

What will be the next step to allow users to single sign-on to the service?

Options:

A.

Configure trigger URL

B.

Upload a mapping rule

C.

Import Identity Provider metadata

D.

Create a certificate to sign SAML messages

Question 6

A system is configured with two IBM Security Access Manager (ISAM) V9.0 reverse proxy servers behind a load balancer, and it is planned to use forms-based user authentication. It is a requirement that if a reverse proxy were to fail, users that were already logged in would not be required to log in again.

Which two configurations can the deployment professional use to achieve this? (Choose two.)

Options:

A.

Configure the system to use LTPA cookies

B.

Configure the system to use session cookies

C.

Configure the system to use failover cookies

D.

Configure the system to use the global signon (GSO) cache

E.

Configure the system to use the Distributed Session Cache (DSC)

Question 7

The security deployment professional of an IBM Security Access Manager V9.0 solution has been using routing files to customize message logging.

Which aspect of the logging activity can be controlled?

Options:

A.

Size of log file

B.

Delete log files

C.

Log compression

D.

HTML formatting

Question 8

An IBM Security Access Manager (ISAM) V9.0 environment is configured with Primary and Secondary Master servers. The Primary master node becomes unavailable and ISAM deployment professional promotes the Secondary Master node to a Primary Master.

What happens to the original Primary Master when it becomes available and rejoins the network?

Options:

A.

It is automatically removed from the cluster.

B.

It is automatically demoted to the role of a non-master node.

C.

It is automatically promoted to the role of a Primary Master node.

D.

It is automatically demoted to the role of a Secondary Master node.

Question 9

The IBM Security Access Manager system V9.0 deployment professional is planning to use a WebSEAL cluster in order to simplify the ongoing management of the system.

Which statement is correct about using a WebSEAL cluster?

Options:

A.

All members of a WebSEAL cluster must be members of the same appliance cluster.

B.

Members of a WebSEAL cluster are not required to be members of the same appliance cluster.

C.

Junction definition updates to any reverse proxy will be replicated to all other members of the WebSEAL cluster.

D.

Junction definition updates to the WebSEAL cluster maste^ust be manually copied to all other members of the WebSEAL cluster.

Question 10

Which two features does the hardware appliance provide by default? (Choose two.)

Options:

A.

DVD drive

B.

Built-in UPS

C.

6 network interfaces

D.

On-board Hardware Cryptographic Accelerator

E.

Dedicated CPU. disk and memory resources for IBM Security Access Manager

Question 11

A company has deployed an IBM Security Access Manager V9.0 solution to protect web resources and now wants to secure access to enterprise resources from mobile devices. The security deployment professional needs to run a utility to configure the existing WebSEAL with the instance of the appliance that provides the authorization server for Advanced Access Control.

Which utility tool will perform this configuration?

Options:

A.

isamcfg

B.

pdadmin

C.

Web Administration Tool (WAT)

D.

Middleware Configuration Utility

Question 12

An IBM Security Access Manager (ISAM) V9.0 deployment professional wants to implement some changes to the ISAM object space in the production environment. Before applying the changes, the ISAM object space needs to be exported and saved.

How should the ISAM deployment professional do this export?

Options:

A.

Use the REST API

B.

Use the LMI export panel

C.

Use the pdadmin command

D.

Use the Policy Administration (WPM)

Question 13

Which task should an IBM Security Access Manager V9.0 deployment professional perform prior to sharing the support files with other stakeholders?

Options:

A.

Generate a MD5 hash of the support file's filename

B.

Use an archiving utility to compress the support file

C.

Inspect the contents of the support file and censor any confidential information

D.

Delete all the log files from the support file because they are not useful to the stakeholders

Question 14

An IBM Security Access Manager V9.0 deployment at a customer has enabled audit.authz, audit.authn, audit,http for meeting auditing requirements and results in large volume of audit records and poses significant data management challenges to the client. The customer wants to exclude the audit events to certain static resources such as images.

What action should be taken to implement this?

Options:

A.

Disable audit.http events only

B.

Disable audit.http.unsuccessful events only

C.

Define a POP with the audithttp set to "no"; attach this to the static resources

D.

Define an ACL with the audithttp operation set to "no"; attach this to the static resources

Question 15

The Distributed Session Cache has been enabled to replace the Session Management Server in a recently migrated IBM Security Access Manager V9.0 environment. Several Reverse Proxies have not yet been migrated from ISAM V7.0.

The help desk is now receiving user complaints due to multiple logins required for applications protected by the ISAM V7.0 Reverse Proxies.

Which Distributed Session Cache option should be checked?

Options:

A.

enable-sms-functionality

B.

provide_700_9ttribute_ids

C.

Replicate certificate databases

D.

Support internal and external clients

Question 16

Which action must be completed for an external high-volume runtime database after upgrading a Security Access Manager appliance?

Options:

A.

Drop the runtime database

B.

Restart the external database

C.

Recreate the configuration table

D.

Run the Access Control update .sql files

Question 17

A deployment professional needs to update the certificate used by the LMU Which steps should the deployment professional follow to complete this task?

Options:

A.

Navigate in the LMI to manage system settings -> Management SSL Certificate -> Upload p12 file

B.

Navigate in the LMI to manage system settings -> Management SSL Certificate -> Request New Certificate from CA

C.

Navigate in the LMI to manage system settings -> Management SSL Certificate -> Update rt_profile_keys key file

D.

Navigate in the LMI to manage system settings -> Management Authorization -> Update rt_profile_keys key file

Question 18

Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?

Options:

A.

QNX

B.

Hyper-V

C.

VMware ESX

D.

RHEL Workstation

Question 19

A company has a large number of users who use mobile applications. The company wants to implement context-aware access controls for these resources.

Which module of IBM Security Access Manager V9.0 should the company enable to support this requirement?

Options:

A.

Federation module

B.

Protocol Analysis module

C.

Mobile Access Control modulo

D.

Advanced Access Control module

Question 20

An IBM Security Access Manager (ISAM) V9.0 environment is defined with multiple WebSEAL servers defined for high availability. They protect the same set of backend junctions.

Which parameter needs to be configured in each WebSEAL's configuration file to force all replicated WebSEAL servers to perform authorization checks against the same protected object space?

Options:

A.

host-name

B.

server-name

C.

domain-name

D.

virtual-host-name

Demo: 20 questions
Total 137 questions