C2150-609 IBM Security Access Manager V9.0 Deployment Questions and Answers

A customer has three LDAP servers: A master (ds1.example.com), another master (ds2.example.com) and a read-only replica (ds3.example.com) used for IBM Security Access Manager (ISAM) V9.0. The deployment professional has configured the ISAM runtime using ds1.example.com as the registration server.

Which configuration will provide load balancing for LDAP read across all three servers and failover to ds2.example.com for LDAP write?

An IBM Security Access Manager V9.0 deployment professional wants to shut down one of two restricted appliances in a cluster configured with Distributed Session Cache running reverse proxies for maintenance, and then repeat for the other. A load balancer directs traffic to reverse proxies on the two appliances with stickiness enabled.

What will allow for a graceful shutdown without any impact to end-users?

The web security department of an organization has found that their site is vulnerable to Denial of Service, Brute Force, Buffer Overflow and decided to use the Web Application Firewall (WAF) feature available in IBM Security Access Manager V9.0.

Even after enabling WAF, the site is still vulnerable to the above attacks. The deployment professional is pretty sure that the signature for these attacks have been released and has decided to check for X-Force updates.

How should the deployment professional check and update this?

The deployment professional wants to back up the embedded LDAP personal certificate, including the private key. They navigate to Manage System Settings -> SSL Certificates -> and select the "extract" option.

Which file format is the resulting certificate backup?

An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded a snapshot from an ISAM virtual appliance configured with reverse proxy. This snapshot is being applied to another virtual appliance.

Which condition must be met before applying a snapshot form one virtual appliance to another?

A deployment professional creates a support file on an IBM Security Access Manager V9.0 appliance.

What is its purpose?

After a test cycle the deployment professional wants to search the WebSEAL WGA1 instance request log for HTTP 404 responses.

Where can this log be found in the Local Management Interface?

A customer has IBM Security Access Manager (ISAM) V9.0 Appliance A which will be used for the Point of Contact Server and the Context-based External Authorization Service. Appliance B will be used for the SAML 2.0 Service Provider.

What are the license requirements for Appliance A and B respectively?

What out-of-the-box feature of IBM Security Access Manager (ISAM) V9.0 enables invalidating a defined collection of back-end server generated HTTP cookies when the user logs off WebSEAL?

An IBM Security Access Manager V9.0 deployment professional executes the following steps:

1. Navigate to Edit SSL Certificate Database - embedded_ldap_keys

2. Select the embedded LDAP server certificate

3. Click Manage->Export

4. Save the resulting .cer file onto local desktop

Which task was the deployment professional performing?

A deployment professional is developing a script using REST APIs to monitor the status of WebSEAL instances.

Which attribute and value indicates a WebSEAL instance is down?

What method can be used to upload firmware to an IBM Security Access Manager V9.0 virtual appliance? .

A company has deployed an IBM Security Access Manager V9.0 solution to protect web resources and now wants to secure access to enterprise resources from mobile devices. The security deployment professional needs to run a utility to configure the existing WebSEAL with the instance of the appliance that provides the authorization server for Advanced Access Control.

Which utility tool will perform this configuration?

The IBM Security Access Manager system V9.0 deployment professional is planning to use a WebSEAL cluster in order to simplify the ongoing management of the system.

Which statement is correct about using a WebSEAL cluster?

An IBM Security Access Manager (ISAM) V9.0 customer is deploying a new WebSphere based Java application and wants to protect it via an ISAM Web Reverse Proxy. The user registries are not shared between ISAM and Websphere Application Server.

Which trust configuration can be used to achieve Single Sign On between ISAM Web Reverse Proxy and Websphere Application Server?

Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?

An IBM Security Access Manager V9.0 Reverse Proxy has a stateful junction to a Portal application called “/wps”. There is no web server in front of Portal. This junction has three Portal servers defined behind it. The Portal team needs to do maintenance on each of the three servers. The team wants to accomplish this with least impact to end users.

Which pdadmin "server task" based steps will accomplish this?