The IBM Security Access Manager V9.0 Deployment exam C2150-609 is a 105-minute assessment with 69 questions. Likewise, the IBM C2150-609 Security Access Manager V9.0 certification exam verifies the candidate's acquaintance and core understanding with the Access Management, IBM Security, and Network Administration. IBM 105 exam is associated with the Security Access Manager V9.0 Certification. IBM 105 Exam helps you to upgrade credential, as the content is aligned with the exam topics;
- Demonstrate a knowledge of the features and capabilities of the ISAM Base, ISAM Advanced Access Control Module, and ISAM Federation Module,
- Prepare and install the appliance in different virtual environments,
- Configure Federated Directory(s).
Exam Code: C2150-609
Exam Name: IBM Security Access Manager V9.0 Deployment
Exam Vendor: IBM
Version: 8.0
Question: 1
A customer has a developed an OAuth 2.0 Client application to access resources on behalf of a user. The customer states that the OAuth client has the following two constraints:
1. The OAuth client is not capable of maintaining its credentials confidential for authentication with the authorization server.
2. The resource owner does not have a trust relationship with the client
What is the suitable OAuth 2.0 grant type for the API Protection Policy if the user resource accessed by the OAuth 2.0 client is to be protected by IBM Security Access Manager V9.0?
A. Implicit Grant
B. Client Credentials Grant
C. Authorization Code Grant
D. Resource Owner Password Credentials Grant
Answer: B
Question: 2
In a customer environment, a REST API client is being developed to carry out Reverse Proxy configuration and maintenance. As part of one of the activities the customer needs to update the junction information with an additional Backend Server. The customer has written a REST API client but is not able modify the junction.
Which HTTP headers should the customer pass?
A. Host, Authorization
B. Host, Accept: Application/json
C. Authorization, Accept:Application/json
D. content-type:application/json, Authorization
Answer: C
Question: 3
During installation, WebSEAL provides a default certificate key database that is used to authenticate both clients and junctioned servers.
Which stanza entry of the WebSEAL configuration file points to the default certificate key database (i.e. kdb file)?
A. ssl-keyfile
B. jct-cert-keyfile
C. webseal-cert-keyfile
D. webseal-cert-keyfile-label
Answer: B
Question: 4
A company has a large number of users who use mobile applications. The company wants to implement context-aware access controls for these resources.
Which module of IBM Security Access Manager V9.0 should the company enable to support this requirement?
A. Federation module
B. Protocol Analysis module
C. Mobile Access Control modulo
D. Advanced Access Control module
Answer: A
Question: 5
A request for a virtual host junction shows an unexpected source IP address.
Which troubleshooting tool can be used to investigate this issue?
A. Host File
B. Snapshots
C. Support Files
D. Packet Tracing
Answer: A
Question: 6
An IBM Security Access Manager V9.0 deployment professional is charged with monitoring request response times from WebSEAL to the backend. The deployment professional wants the flexibility to see response times per request, per junction, per HTTP return code, or other criteria that may come up in the future.
What action will generate the required data for this analysis?
A. Customize the request.log to include response times
B. Run pdadmin "stats get pdweb.jct" on all junctions on a regular basis
C. Run pdadmin "stats get pdweb.https" and "stats get pdweb.http" on a regular basis
D. Write a REST API script to pull "application interface statistics" on a regular basis
Answer: D
Question: 7
A deployment professional attempts to log into an appliance which is part of a cluster to run pdadmin commands and receives the following message:
pdadmin> login -a sec_master -p password
2016-03-03-02:04:38.683-06:001------0x1354A420 pdadmin ERROR ivc socket mtsclient.cpp 2376
0x7fc2b7b0c720
HPDCO1056E Could not connect to the server 192.168.254.11, on port 7135.
Error: Could not connect to the server. (status 0x1354a426)
What should the deployment professional check concerning the login target?
A. Login was attempted on a special node
B. Login was attempted on a restricted node
C. Login was attempted on a secondary master that has not been promoted to the primary
D. Login was attempted on a non-primary master of a cluster and the primary policy server is down
Answer: A
Question: 8
A customer is migrating from TAM v6.1 running on AIX to IBM Security Access Manager (ISAM) V9.0 hardware appliances.
Which information from the TAM v6.1 environment will be useful in sizing the new ISAM V9.0 hardware configuration?
A. WebSEAL request logs
B. WebSEAL CDAS specifics
C. Number of LDAP replicas
D. Number of objects in the protected object space
Answer: D
Question: 9
There is an SSL connectivity issue between the IBM Security Access Manager V9.0 Reverse Proxy and the backend business application.
Which two troubleshooting commands under Tools in the application SSH interface can be used to validate the Reverse Proxy can successfully connect to the backend host:secure-port? (Choose two.)
A. ping
B. session
C. connect
D. traceroute
E. connections
Answer: B-C
Question: 10
An IBM Security Access Manager V9.0 Reverse Proxy has a stateful junction to a Portal application called “/wps”. There is no web server in front of Portal. This junction has three Portal servers defined behind it. The Portal team needs to do maintenance on each of the three servers. The team wants to accomplish this with least impact to end users.
Which pdadmin "server task" based steps will accomplish this?
A. Stop a server, have Portal team apply maintenance, bring the server online - repeat for the other two servers
B. Delete a server, have Portal team apply maintenance then add server back - repeat for the other two servers
C. Take a server offline, have Portal team apply maintenance, bring the server online - repeat for the other two servers
D. Throttle a server, ensure activity has ceased for that server, have Portal team apply maintenance, bring the server online - repeat for the other two servers
Answer: C
For More Exam Questions and Answers Click this URL:
No comments:
Post a Comment