Fundamentals of Applying IBM Security Systems Identity and Access Assurance v6.0

Page:    1 / 5   
Exam contains 65 questions

You are designing a network topology for IBM Security Web Gateway Appliance. The customer is using the appliance.
Where do you place the appliance?

  • A. Office LAN
  • B. Demilitarized zone (DMZ)
  • C. Dedicated security network
  • D. General-purpose application network


Answer : C

A customer is not allowing the usage of self-signed certificates in its production environment. The customer has its own Public Key Infrastructure (PKI), and all certificates should be issued by this Certification Authority using their internal processes.
What needs to be done when going into production with the IBM Security products from the
Identity and Access Assurance software bundle?

  • A. Configure all security components to use the PKI from the customer. Required certificates will automatically be generated and trusted during installation.
  • B. Use the IBM keytool to reconfigure all communication channels to use one single certificate issued by the Certification Authority of the Customer. Put the Certification Authority certificate in the truststore of the keytool.
  • C. Identify all communication channels using SSL, and create Certificate Signing Requests for them. After receiving the certificates, configure all secure communication channels to use these certificates, and install the Certification Authority certificate in the truststore of all involved components.
  • D. Identity all communication channels using SSL, and extract the involved self-signed certificates. Submit these to the Certification Authority of the customer to be cross-signed. Reconfigure the communication channels to use these new certificates and put the Certification Authority certificate in the truststore of all involved components.


Answer : B

A health care facility requires its physicians and staff to complete certain courses offered through its learning management system, prior to getting accounts and access in its patient management application.
Which functional requirement aligns with this business requirement?

  • A. Accounts in the patient management system must be manually provisioned by Service Desk.
  • B. Physicians and staff must complete required training courses prior to being allowed to login to the network.
  • C. The learning management system must also support provisioning functions, in order to meet this business requirement.
  • D. During onboarding, physicians and staff must be granted login to the network and the learning management system in order to access the required courses.


Answer : D

A retail customer wants employees to be able to access all IT-related resources by providing one single user ID and password combination on a distributed number of
Microsoft Windows-based kiosks throughout the retail floor and in individual office environments.
Which product will help the customer accomplish this?

  • A. IBM Security Identity Manager
  • B. IBM Security Directory Server
  • C. IBM Security Access Manager for Web
  • D. IBM Security Access Manager for Enterprise Single Sign-On


Answer : D

A corporate policy states that the service desk resets passwords after five failed logon attempts.
Which IBM Security Access Manager report provides the user identity qualifying for a password reset?

  • A. Locked Account History
  • B. User Password Change History
  • C. Failed Authorization Event History
  • D. Failed Authentication Event History


Answer : A

An analyst is designing an optimized web architecture for an IBM Security Access Manager for Web based solution that provides context based authorization.
Which statement about authorization decisions is true in this situation?

  • A. It must be performed as necessary.
  • B. It must be performed on every request.
  • C. It must be performed when users authenticate.
  • D. It must be performed at scheduled time intervals.


Answer : C

Which operating system must be selected when creating a virtual machine to install IBM
Security QRadar Log Manager V7.1?

  • A. AIX
  • B. Windows server 2008 R2
  • C. Red Hat Enterprise Linux 6 (64-bit)
  • D. Red Hat Enterprise Linux 5.1 (64-bit)


Answer : C

What is the log-in account type requirement for installing IBM Security Access Manager for
Web on a UNIX system?

  • A. root
  • B. ivmgr
  • C. pdadmin
  • D. superadmin


Answer : A

When designing an organization's tree structure in IBM Security Identity Manager, why is it advisable to put users and services in different containers?

  • A. It is easier to troubleshoot.
  • B. It allows segregation of duties.
  • C. It simplifies delegated administration.
  • D. It improves the directory's performance.


Answer : A

The customer is considering implementing IBM Security Identity Manager.
What is the benefit of adding IBM Security Identity Manager to the customer's existing environment?

  • A. Reduced cost
  • B. Single Sign-On
  • C. Auditing of attempts to access the application
  • D. Eliminates the need to manage the identities at the application level


Answer : B

All of a customer's business applications run on either IBM WebSphere Application Server or Microsoft Internet Information Services. The employees using these applications use a mixture of laptops running Windows, laptops running Linux, iPads, and Android tablets.
What Single Sign-On solution do you propose?

  • A. IBM Security Identity Manager
  • B. IBM Security Directory Server
  • C. IBM Security Access Manager for Web
  • D. IBM Security Access Manager for Enterprise Single Sign-On


Answer : B

A company plans to deploy an IBM Security Access Manager for Enterprise Single Sign-On solution to help address security and productivity issues. According to its corporate security policy, the organization has detailed requirements related to password management for its enterprise applications.
Which security requirements (with regard to user ID and password) need to be captured?

  • A. Details related to application user ID requirements
  • B. Policy requirements related to the number of applications that a user can access
  • C. Policy requirements for application and user initiated password resets and password complexity
  • D. User ID and password policy requirements are best addressed within the application space rather than in an Enterprise Single Sign-On project.


Answer : D

A large manufacturing company has employees in many different countries in the world.
The information security team is looking to deploy the IBM QRadar Log Manager.
Which requirement can be met by this solution?

  • A. Risk based, context aware, access management
  • B. Central storage of all security events in the environment
  • C. Management of all user, service and privileged identities
  • D. Authentication of users without storing user passwords in all applications


Answer : A

A customer wants to use integrated solutions comprising of IBM Tivoli Federated Identity
Manager STS in a SOA environment.
Which solution can help in deploying fully integrated TFIM in this situation?

  • A. IBM HTTP Server
  • B. IBM Enterprise Integrator
  • C. IBM WebSphere Application Server
  • D. IBM Smartcloud for Social business


Answer : C

A client has these requirements:
1. Enterprise, web. and federated single sign-on, inside, outside, and between organizations, including cloud deployments.
2. Identity and access support for files, operating platforms, web. social networks, and cloud-based applications.
3. Integration with stronger forms of authentication (smart cards, tokens, one-time passwords, and so forth).
4. Automated monitoring, investigating
Which combination of security products will fulfill the client's needs?

  • A. IBM Security Identity Manager and IBM Tivoli Federated Identity Manager
  • B. IBM Security Identity and Access Assurance (ISIM, ISAM, TFIM,QRadar)
  • C. IBM Security Access Manager for Web and IBM Tivoli Federated Identity Manager
  • D. IBM Security Access Manager for Enterprise Single Sign On and IBM Security Identity Manager


Answer : D

Page:    1 / 5   
Exam contains 65 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.