C2150-609 Online Practice Questions and Answers

A company has a large number of users who use mobile applications. The company wants to implement context-aware access controls for these resources.

Which module of IBM Security Access Manager V9.0 should the company enable to support this requirement?

A. Federation module

B. Protocol Analysis module

C. Mobile Access Control module

D. Advanced Access Control module

A request for a virtual host junction shows an unexpected source IP address.

Which troubleshooting tool can be used to investigate this issue?

A. Host File

B. Snapshots

C. Support Files

D. Packet Tracing

A customer received a replacement hardware appliance, but on boot up it has a different firmware than that for IBM Security Access Manager (ISAM) V9.0. The appliance needs to be flashed to ISAM V9.0. The appliance needs to be rebooted with a bootable USB drive formatted as FAT32.

Which file format is needed to create the bootable drive?

A. .iso

B. .ova

C. .pkg

D. .img

The customer currently maintains all its users in Active Directory. As part of its new IBM Security Access Manager (ISAM) V9.0 deployment, the customer understands it will have to implement the ISAM "Global Sign-on (GSO)" to archive SSO with certain backend applications which do their own authentication and cannot be modified.

Which federated repositories configuration will address the customer requirements?

A. Use an external ISDS LDAP as the ISAM primary LDAP, federate with the AD and import all AD users into the ISAM TDS.

B. Configure the AD as the ISAM Primary LDAP, which will create the necessary secauthority= default suffix. Import all users into the ISAM AD.

C. Use the ISAM embedded LDAP as the Primary LDAP, federate with the AD and configure "basic user", and specify "basic-user-principal-attribute= samAccountName"

D. Use an external ISDS LDAP as the Primary LDAP, federate with the AD, configure "basic user", specify "basic-user-principal-attribute= samAccountName" and "basic-user-suffix= secauthority=default".

After a test cycle the deployment professional wants to search the WebSEAL WGA1 instance request log for HTTP 404 responses.

Where can this log be found in the Local Management Interface?

A. Monitor> Manage Reverse Proxy Log Files, select the WGA1 instance, select the request.log file and click View

B. Monitor> Application Log Files, expand the var/logs/pdweb/WGA 1 folder, select the request.log file and click View

C. From the Home page, click on the WGA1 instance in Reverse Proxy Health widget, select the request.log file and click View.

D. Secure Web Settings> Reverse Proxy, select the WGA1 instance, access the Manage> Troubleshooting> Tracing menu item, select the request.log file and click View

A system is configured with two IBM Security Access Manager (ISAM) V9.0 reverse proxy servers behind a load balancer, and it is planned to use forms-based user authentication. It is a requirement that if a reverse proxy were to fail, users that were already logged in would not be required to log in again.

Which two configurations can the deployment professional use to achieve this? (Choose two.)

A. Configure the system to use LTPA cookies

B. Configure the system to use session cookies

C. Configure the system to use failover cookies

D. Configure the system to use the global signon (GSO) cache

E. Configure the system to use the Distributed Session Cache (DSC)

An IBM Security Manager V9.0 deployment professional responsible for a large cluster notices the clocks among the nodes are not in sync and needs to update settings to ensure the clocks are synchronized.

Which setting should be used to help keep times synchronized?

A. Set NTP settings in /etc/ntp.conf

B. Set NTP settings in the components conf file

C. Set NTP settings using the LMI at the Date/Time panel

D. Set NTP settings using the LMI at he Advanced Tunings panel

What method can be used to upload firmware to an IBM Security Access Manager V9.0 virtual appliance?

A. USB

B. SCP

C. FTP

D. VMware tools

A deployment professional needs to update the certificate used by the LMI.

Which steps should the deployment professional follow to complete this task?

A. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Upload p12 file

B. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Request New Certificate from CA

C. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Update rt_profile_keys key file

D. Navigate in the LMI to manage system settings -> Management Authorization -> Update rt_profile_keys key file

The deployment professional (testuser1) is currently logged into the appliance, but cannot read the IBM Security Access Manager (ISAM) V9.0 event logs. Management authorization is configured as shown in the following screenshot.

What is the most likely cause of this issue?

A. Write permission is required for the Event Log Feature.

B. The Global Administrator role lacks the necessary privileges.

C. Userid "testuser1" has not been added to the ISAMAdmins LDAP group.

D. There is a connectivity issue and the LDAP containing userid "testuser1" cannot be contacted.