C2150-609無料問題集「IBM Security Access Manager V9.0 Deployment」

質問 1

During installation WebSEAL provides a default certificate key database that is used to authenticate both clients and junctioned servers.
Which stanza entry of the WebSEAL configuration file points to the default certificate key database (i.e. kdb file)?

（A）webseal-cert-keyfile

（B）ssl-keyfile

（C）webseal-cert-keyfile-label

（D）jct-cert-keyfile

正解：D 解答を投票する

質問 2

A deployment professional is configuring context based access for a protected resource junctioned by WebSEAL.
What must be explicitly set in order to invoke the runtime security services EAS to authorize a request?

（A）Protected Object Policy (POP)

（B）Authorization rule

（C）Policy Information Point (PIP)

（D）Trigger-url

正解：A 解答を投票する

質問 3

A deployment professional attempts to log into an appliance which is part of a cluster to run pdadmin commands and receives the following message:
pdadmin> login -a sec_master -p password
2016-03-03-02:04:38.683-06:001------0x1354A420 pdadmin ERROR ivc socket mtsclient.cpp 2376
0x7fc2b7b0c720
HPDCO1056E Could not connect to the server 192.168.254.11, on port 7135.
Error: Could not connect to the server. (status 0x1354a426)
What should the deployment professional check concerning the login target?

（A）Login was attempted on a special node

（B）Login was attempted on a non-primary master of a cluster and the primary policy server is down

（C）Login was attempted on a restricted node

（D）Login was attempted on a secondary master that has not been promoted to the primary

正解：A 解答を投票する

質問 4

What are two key benefits of deploying IBM Security Access Manager V9.0? (Choose two.)

（A）Enhanced Session Recording features

（B）Federated Single Sign On capabilities

（C）Secure user access to web and mobile applications

（D）Session Management Server module

（E）Enhanced user life-cycle management

正解：A、E 解答を投票する

質問 5

A network contains an additional network segment between the user segment and the appliance. This causes traffic to flow in and out on different interfaces.
How can this be overcome?

（A）Use Virtual Host junctions

（B）Use static routes

（C）Use vector based routing

（D）Use a default gateway

正解：B 解答を投票する

質問 6

An attacker has compromised the private key associated with a certificate.
Which two methods can be used to ensure that certificates have not been revoked by the Certification authority that issued it? (Choose two.)

（A）Certificate Rejection List located in LDAP

（B）Public Key Information

（C）Certificate Revocation List located in LDAP

（D）Online Status Certificate Protocol

（E）Online Certificate Status Protocol

正解：A、C 解答を投票する

質問 7

A deployment professional has configured Federated Single Sign-On using IBM Security Access Manager V9.0 with WebSEAL as point of contact.
Which two things need to be configured to achieve Single Log Out (SLO) in the SAML 2.0 Federation? (Choose two.)

（A）The passing of session cookies to junctioned servers (-k option in the junction creation)

（B）The appropriate extended attribute to the Federation junction (HTTP-Tag-Value user_session_id=user_session_id)

（C）The URIs that receive a single signoff request ([acnt-mgt] single-signoff-uri
/applications/sign off)

（D）The page displayed after pkmslogout is called (logout.html)

（E）The creation of user session ID's ([session] user-session-ids = yes)

正解：A、C 解答を投票する

質問 8

An IBM Security Access Manager V9.0 deployment specialist is getting reports of failing requests. Analysis of a support file shows many connections to the backend server in TIME_WAIT state?
Where is the setting "sysctl.net.ipv4.tcp_tw_reuse = 1" added?

（A）In the LMI "Manage System Settings -> Network Settings -> Tuning" panel

（B）In the [server] stanza of the reverse proxy instance conf file

（C）In the LMI "Manage System Settings -> System Settings -> Advanced Tuning Parameters" panel

（D）In the [tcp] stanza of the reverse proxy instance conf file

正解：C 解答を投票する

質問 9

An IBM Security Access Manager V9.0 deployment at a customer has enabled audit.authz, audit.authn, audit,http for meeting auditing requirements and results in large volume of audit records and poses significant data management challenges to the client. The customer wants to exclude the audit events to certain static resources such as images.
What action should be taken to implement this?

（A）Disable audit.http.unsuccessful events only

（B）Disable audit.http events only

（C）Define a POP with the audithttp set to "no"; attach this to the static resources

（D）Define an ACL with the audithttp operation set to "no"; attach this to the static resources

正解：C 解答を投票する

質問 10

CORRECT TEXT
A customer has expressed the requirement that users accessing online banking application must first authenticate using a userid/password and successfully enter a one-time PIN which is texted to a cell phone.
Which two IBM Security Access Manager (ISAM) V9.0 modules are required to fully implement the solution? (Choose two.)

（A）ISAM Access Manager Platform

（B）ISAM Advanced Control Module

（C）ISAM Federation Module

（D）ISAM PAM Module

（E）ISAM Cloud Module

正解：A、B 解答を投票する

C2150-609 無料問題集「IBM Security Access Manager V9.0 Deployment」

弊社を連絡する

関連リンク

トップ試験