C2150-198 - IBM Security Access Manager V7.0 Implementation Exam

Go back to IBM

Example Questions

What is the default port number of LDAP traffic encrypted using SSL? Which statement is true when referencing WebSEAL Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) support? What HTTP header field is used by an external authentication interface (EAI) server to provide to WebSEAL the user identity? Which hypervisor is supported with IBM Security Access Manger Web Gateway Virtual Appliance? Which command is used to synchronize the configuration data between the two Webseal Servers? ? web1-Webseald-abc.ibm.com server (data extracted) ?web2-Webseald-xyz.ibm.com (target) Which two aspects of logging event activity can be controlled? (Choose two.) Which utility provides backup, restore, and extract capabilities for Security Access Manager data? What are two supported Single Sign-On methods used for WebSphere Application Server? (Choose two.) Which statement is true when using the WGA with the internal LDAP? Which registry is NOT supported by ISAM 7? What two conditions affect content caching configuration in a WebSEAL environment? (Choose two.) Which file contains the configuration information for the Security Access Manager plug-on for Web Servers? What is the default credential to log on to ISAM 7 WGA command-line interface? When using the IBM Security Access Manager, which ISAM component needs to be installed first? In an ISAM 7.0 solution, in which network zone should the WebSEAL Server component for internet access reside? Which two can be used to manage the SSL certificates on the Web Gateway Appliance? (Choose two.) Which configuration enables the day time error page? What would the command "ldapsearch -p 389 -D cn=root -w ? -b cn=connections,cn=monitor -s base objectclass=*" return? After an authorization rule is evaluated, which two identifiers can be returned? (Choose two.) Recently the Risk Officer of your organization discovered that all key databases containing web certificates in the organization are protected with a very weak password. You are assigned to change the password on every key database into a more complex one. How can this be accomplished? How can the audit trail facility be enabled for WebSEAL? What POP attribute is necessary to require SSL encryption to access a particular resource? What pdbackup command restores the contents of an Access Manger archived file on a Windows operating system to a specific folder? Which two are supported operating systems for IBM Security Access Manager v7.0? (Choose two.) Which external component is NOT required to use IBM Security Access Manger Web Gateway Appliance? Statistical reporting can be enabled dynamically, making it possible to overrule the static configuration. How can this be achieved? What is the default Runtime environment routing file on a UNIX-based system? When configuring a Standby Policy Server environment for Security Access Manager environment on AIX, what two conditions apply? (Choose two.) Given a default setup of ISAM, ITDS and a Microsoft SharePoint backend. A Web environment is experiencing performance issues. In order to analyze tracing is temporary switched on using the following commands. server task web04-webseald-unix08 trace set pdweb.debug 2 file path=/tmp/trace.log server task web04-webseald-unix08 trace set pdweb.debug 0 During analysis of the trace.log various common occurrences appear, the following trace.log extract displays only the lines important for this question. 2013-05-26-22:08:01.681+02:00I ----------------- Browser ===> PD ----------------- 2013-05-26- 22:08:01.684+02:00I ----------------- Browser <=== PD ----------------- 2013-05-26- 22:08:09.283+02:00I ----------------- Browser ===> PD ----------------- 2013-05-26- 22:08:16.682+02:00I ----------------- PD ===> BackEnd ----------------- 2013-05-26- 22:08:17.049+02:00I ----------------- PD <=== BackEnd ----------------- 2013-05-26- 22:08:17.051+02:00I ----------------- Browser <=== PD ----------------- What can be concluded by analyzing this trace excerpt? Which statement is true for the Local Management Interface (LMI)? How do you configure two different external authentication interface (EAI) servers that use different HTTP header fields for their results? Which statement describes the core components of IBM Security Access Manager infrastructure? How are ISAM users and groups logically separated within a single policy server? What are two advantages of using persistent connections between WebSEAL and a junctioned backend server? (Choose two.) When using the pdbackup utility, when would the "amwebbackup-default.lst" file need to be updated? How do you avoid an unreliable back-end causing problems with other junctions? What WebSEAL functionality is supported by the IBM Security Access Manger Web Gateway Appliance? How would you supply the user identifier from WebSEAL to a custom web application in the HTTP header, without requiring base64 to be used in the application? Which statement regarding WebSEAL gateway appliance junction backend servers is true? If someone tries to gain access to a user's account by carrying out a dictionary attack but fails, which report will show an attack to an environment? What command will list all components that are available to gather and report statistics for the given WebSEAL instance 'internet'? Your organization has changed their preferred Certificate Authority (CA) recently. Currently you are finishing the configuration of a new set of WebSEAL instances for the new production website. You already created a certificate request and now much insert the response of the CA. During the import of the CA response in iKeyman, what could cause an error message to be displayed? What command is used to apply necessary ACLs to an ldap suffix in order for Security Access Manager to be able to manage user and group information within that suffix? For an existing junction on the WebSEAL Gateway Appliance, what method should be used to add an additional backend server? If a user's account was compromised and the password was immediately changed by an unauthorized user, which report details all events executed for a specific period in time? What is the correct archive file If pdbackup -a backup -list C:\Program Files\Tivoli\Policy Director\etc\pdbackup.lst is executed using ISAM on a Windows Server? Which policy can be set for Security Access Manager user accounts? What displays logon forms from an external authentication interface (EAI) server? An organization is facing the following challenge: Customers authenticate using a username and password, Business Partners are using a certificate to authenticate, and employees are using a token device. Within the WebSEAL architecture, how can this be achieved? When using step-up authentication, where is the authentication level from the EAI authentication specified?