IBM C2150-609 Exam Questions Instant Access

Question 1

An IBM Security Access Manager V9.0 systems deployment professional needs to protect a back-end web applications from SQL injection attacks that match signatures from the IBM X-Force signature database.

Which action needs to be performed?

ASimulation Mode must be enabled and a Risk Profile must be specified.

BWeb Content Protection must be enabled and a Risk Profile must be specified.

CSimulation Mode must be enabled and a Registered Resource must be specified.

DWeb Content Protection must be enabled and a Registered Resource must be specified.

Answer : A

Question 2

A deployment professional creates a support file on an IBM Security Access Manager V9.0 appliance.

What is its purpose?

AFor backup and recovery

BTo re-image the appliance

CTo help troubleshoot problems with the appliance

DTo capture a snapshot of the appliance configuration

Answer : B

Question 3

In an organization's testing environment, the IBM Security Access Manager V9.0 deployment professional is required to deploy the virtual appliance on Amazon EC2 with a single reverse proxy instance with a single network interface.

How should the deployment professional configure the reverse proxy so that end-users can access the reverse proxy without specifying a non-standard port (other than 80 and 443)?

AUse port forwarding to map non-standard port to a standard port on appliance using LMI

BUse port forwarding to map non-standard port to a standard port on appliance using CLI

CConfigure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using LMI

DConfigure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using CLI

Answer : A

Question 4

An IBM Security Access Manager V9.0 deployment professional is charged with monitoring request response times from WebSEAL to the backend. The deployment professional wants the flexibility to see response times per request, per junction, per HTTP return code, or other criteria that may come up in the future.

What action will generate the required data for this analysis?

ACustomize the request.log to include response times

BRun pdadmin 'stats get pdweb.jct' on all junctions on a regular basis

CRun pdadmin 'stats get pdweb.https' and 'stats get pdweb.http' on a regular basis

DWrite a REST API script to pull 'application interface statistics' on a regular basis

Answer : D

Question 5

A deployment professional has configured Federated Single Sign-On using IBM Security Access Manager V9.0 with WebSEAL as point of contact.

Which two things need to be configured to achieve Single Log Out (SLO) in the SAML 2.0 Federation? (Choose two.)

AThe page displayed after pkmslogout is called (logout.html)

BThe creation of user session ID's ([session] user-session-ids = yes)

CThe passing of session cookies to junctioned servers (-k option in the junction creation)

DThe URIs that receive a single signoff request ([acnt-mgt] single-signoff-uri = /applications/sign off)

EThe appropriate extended attribute to the Federation junction (HTTP-Tag-Value user_session_id=user_session_id)

Answer : C, D

Question 6

A deployment professional has created a new SAML 2.0 Service Provider federation and added an Identity Provider partner.

What will be the next step to allow users to single sign-on to the service?

AConfigure trigger URL

BUpload a mapping rule

CImport Identity Provider metadata

DCreate a certificate to sign SAML messages

Answer : B

Question 7

The appliance dashboard Reverse Proxy Health widget indicates a problem with the /snoop junction on the Test instance.

Which log file can be examined to find product errors?

Aagent.log

Breferer.log

Crequest.log

Dmsg___webseald-Test.log

Answer : C

IBM Security Access Manager V9.0 Deployment C2150-609 Exam Questions