000-609 - IBM WebSphere Datapower SOA Appliances Firmware V3.8.1, Solution Implementation

Go back to IBM

Example Questions

An application is sending realtime securities transactions using the FIX (Financial Information eXchange) message format. The customer wishes to route these messages to subscribers based upon a stock ticker symbol found within the FIX message. Which of the following is the appropriate WebSphere DataPower appliance for this customer? A customer would like to use an XSL transform specified in the incoming XML request to transform that document. Which of the following would be the appropriate processing action to use in this case? A customer needs message privacy and message integrity on a given transaction, and prefers the use of WSPolicy. WebSphere DataPower must receive a username from each user, but no authentication is required. In order to implement this, without additional custom work, the solution implementer must: The implementation of Authentication and Authorization using WebSphere DataPower for a particular project requires a custom stylesheet. Which of the following is a valid reason for this? What is the difference between WebSphere Service Registry and Repository (WSRR) Subscription and WSRR Saved Search Subscription? A solution implementer is using a WSProxy to send requests from a client to a backend server. A dp:settarget() element in a Transform action on a request rule is being used to dynamically route the message to one of two backends dependent on XML elements within the request message. The Type of the WSProxy has been set to Dynamic Backend. A URL Rewrite Policy has been configured to replace the URI sent from the client with the format required by the backend server. When the service is tested it is found that the Client URI is being sent to the backend. Which of the following would explain this behavior? A company wants to use the WebSphere DataPower SLM functionality with a schedule to monitor the number of messages being processed for a particular operation on week days in a Web Service Proxy. Messages should not be counted if they fail Signature Verification, but should be counted whether they pass Authentication and Authorization or not. Which of the following configurations would allow this? A solution implementer is testing a simple XML Firewall which needs to be a proxy for a web application. Both request and response message types are selected as nonXML on the main configuration panel. The policy has only a matching rule and a Results action. When a URL is entered from the browser, an HTTP 405 method is received. The logs show a message of the type: xmlfirewall (TestFW): Request method (GET) without a message body is not allowed, URL: http://example.com/servlet/test Which of the following steps should the solution implementer take to correct this error? A company wants to use the WebSphere DataPower SLM functionality to enforce service levels for access to a backend web service. Which of the following Count and Latency monitor pairs are valid within SLM statements? Which of the following is the correct syntax for Access Policies contained within an RBM (Role Based Management) Group definition? A WSProxy is receiving orders from partners as SOAP messages. The service is required to reject messages if the total order cost in the message does not match the sum of the individual item costs. Which of the following describes the functionality that would support this requirement? A solution implementer needs to send a request containing business data to a backend using an FTP PUT. Which of the following configurations will provide this functionality? A company wants to implement an XMLbased service that returns customer data. Which of the following configuration steps in an Multi-Protocol Gateway (MPGW) can be used to prevent malicious requests from returning data for multiple customers? Which of the following is NOT a valid target for realtime event logs on WebSphere DataPower? A solution implementer needs to write part of the information contained within a request message to a log in order to keep a record of the receipt of this message before sending the message to a backend for processing. The log message should be written to the system log. Which of the following could be used to provide this functionality? A DataPower Processing Policy has been coded to use DataPower variables. To analyze an error in one of the Rules a solution implementer has enabled the Probe. Which of the following are valid DataPower variable scopes visible in the Probe with the correct lifetimes? A company needs to be conformant with Web Services Interoperability (WSI) Basic Profile 1.0. In order to enforce that policy in WebSphere DataPower, the solution implementer must: Which of the following are offered by the WebSphere DataPower Integration Blade XI50B? A company is receiving digitally signed messages from a client, and responding with messages that have been encrypted using the client's signing certificate. The Encrypt action has been configured with the 'Use Dynamically Configured Recipient Certificate' parameter set to 'on'. Which of the following statements regarding this scenario is NOT true? A customer's WebSphere DataPower deployment has the following operational logging requirements: Every network or systemlevel error event should generate an SNMP Trap to the customer's Tivoli Management Console. Every DataPower Management Interface (WebGUI, CLI, and SOMA) access attempt event (success *and* failure) should generate a SOAP call to the customer's IDS (Intrusion Detection System). Messagelevel Authentication/Authorization failure events should generate an SNMP Trap to the customer's Tivoli Management Console. Events generated by the device's Certificate Monitor when a digital certificate is nearing expiration need to generate 'syslog' messages to the customer's syslog host named 'sysloghost a. example.com'. Events generated by inbound messages with invalid message encodings need to generate 'syslog' messages to the customer's syslog host named 'sysloghostb. example.com'. What is the minimum number of Log Targets that need to be configured in the DataPower logging system to accomplish this? A company wants to query a database to obtain authorization data for an authenticated user from a DB2 database. The parameterized query is of the form 'SELECT * FROM AUTH_ATTRIBUTE_TABL WHERE REQUESTER_ID=?'. Which of the following applies? A customer is receiving binary packed EDI using S/MIME over HTTP and S/MIME over FTP. The customer currently uses WebSphere Partner Gateway and WebSphere Transformation Extender to send functional acknowledgements, convert the message, and send a correlated response. The customer is interested in improving performance and scaling this architecture to remove some of the processing overhead. Which of the following would benefit the customer in this scenario? Which of the following IPv4 address classes supports a maximum of 256 addresses per subnet? For virusscanning message attachment , WebSphere DataPower appliances use which protocol to support integration with 3rdparty virus scanners? A customer wants to protect communication between two WebSphere DataPower appliances against a replay attack. The second DataPower appliance needs to validate that the messages received from the first appliance have spent no more than 30 seconds in transit. Which of the following configurations would meet these requirements? A company requires syncpoint on each message extracted from a Request Queue. The message is processed via HTTP by a backend system. If the WebSphere DataPower appliance does not successfully process the message, it should not be removed from the Request Queue. The company has created a Multi-Protocol Gateway Service which uses an MQ Front Side Handler and an MQ Queue Manager to facilitate this. How can syncpoint be implemented? Which of the following is NOT a required feature of a secure SSL connection? Which statement is NOT true about the Multi-Protocol Gateway (MPGW) service? The MPGW: Connectivity to which of the following protocols can be directly protected with SSL mutual authentication in WebSphere DataPower using firmware V3.8.1? A WSProxy Service is configured with a subscription to a Concept in WebSphere Service Registry and Repository (WSRR). A new WSDL is added to the Concept from the WSRR interface. What options are available for updating the WSProxy to include the new WSDL? A company has implemented a data masking Multi-Protocol Gateway (MPGW) named Log_MPGW. Log_MPGW is called from another MPGW named ESB_MPGW using a urlopen extension function call with option 'response=ignore' set. The service provided by Log_MPGW to ESB_MPGW is noncritical and should impact the performance of ESB_MPGW as little as possible. Which of the following are correct? A solution implementer is configuring a WebSphere DataPower appliance to receive messages from a partner, and then pass them to a backend. Responses from the backend must also be transformed before being returned to the partner. The partner is requiring that nonRepudiation must be guaranteed on the responses it receives from the DataPower appliance. Which of the following would provide this functionality? The WebSphere DataPower Low Latency Appliance XM70 supports which of the following protocols? While configuring RBM settings, which of the following are valid authentication methods? Which of the following is TRUE regarding a rule defined to use the PassThru message type? Which of the following is NOT available as a service object on a WebSphere DataPower Appliance? A company wants to ensure that all its backend SOAP/HTTPS services are protected from unauthorized internal access. The security architect has recommended SSL mutual authentication to be configured from WebSphere DataPower to the backend services. The SSL profile for mutual authentication is correctly configured on DataPower and the implementer wants to confirm if the backend services have configured their mutual authentication correctly. A successful transaction is run through DataPower to the backend services. Which of the following tests could the solution implementer use to confirm that mutual authentication is working correctly end-toend? A company is using WebSphere MQ to mediate messages between their frontoffice and backoffice applications. WebSphere DataPower appliances, as a part of the messaging hub solution, are responsible for processing certain types of messages arriving on designated queues on the same Queue Manager. This is a high performance environment and the key requirement for DataPower is to read messages from a designated queue and place copies of the message to the designated backend queues on the same Queue Manager under a single unit of work to prevent message loss. As a solution implementer, which of the following configuration options would be MOST optimized for this environment? Which of the following needs to take place to enable designtime testing of a WebSphere Transformation Extender map on a WebSphere DataPower appliance? A company wants to explore the use of a URL Rewrite Policy in a Multi-Protocol Gateway. Which of the following is TRUE? A URL Rewrite Policy: In order to notify of policy violations for incoming web services, the solution implementer must: Which of the following is the correct CIDR notation for the IP Address below? IP Address: 192.168.1.81 Subnet Mask: 255.255.255.0 A company is using WebSphere MQ and would like to configure WebSphere DataPower to provide high availability across queue managers. Which of the following objects need to be configured on the appliance to make use of this feature? A solution implementer would like to use a set of actions in a number of processing rules in a processing policy. To speed up configuration and maintenance the implementer has used the "Create Reusable Rule" button on the Policy editor screen of the WebGUI to create a Reusable Rule. This rule has then been dragged and dropped on to several other processing rules in the policy. Later, one of the actions in the reusable rule needs to be removed. Which of the following describes how this would be achieved? A solution implementer has created a WSProxy to allow clients to access backend web services. The web services may be altered and so the WebSphere DataPower appliance has been configured to subscribe to a UDDI Registry to retrieve the WSDLs for the backend web services and update the WSProxy accordingly. Any changes to the UDDI Registry must trigger immediate updates to the WSProxy. Which of the following will provide this functionality? A company wants to use the WebSphere DataPower SLM functionality to monitor messages from particular partners for particular backend functionality. The company needs to set up Credential and Resource Classes. Which of the following configurations would meet the requirements? A Multi-Protocol Gateway has been created to accept requests in a comma separated value format. The first action in the request rule is a binary transformation that converts the CSV to a simple XML format. The message must then be processed by further Transform actions. Which of the following is a valid option for the service Request Type? A customer would like to make improvements to one of their existing systems. One of the improvements is to provide ebXML Messaging Service (ebMS 2.0) support for this system. Based on this information, which of the following would be the best fit WebSphere DataPower service type for this scenario? SSL uses which encryption type to create a session between client and server? Which of the following is an advantage of using WS-Security instead of SSL?