746 お客様のコメント
質問 1:
The deployment professional (testuseri) is currently logged into the appliance, but cannot read the IBM Security Access Manager (ISAM) V9.0 event logs. Management authorization is configured as shown in the following screenshot.
What is the most likely cause of this issue?
A. There is a connectivity issue and the LDAP containing userid "testuserl" cannot be contacted.
B. The Global Administrator role lacks the necessary privileges.
C. Userid "testuserl" has not been added to the ISAMAdmins LDAP group.
D. Write permission is required for the Event Log Feature.
正解:C
質問 2:
An IBM Security Access Manager V9.0 deployment professional wants to be alerted by the appliance for events like certificate expiry.
In which two ways can these alert notifications be configured? (Choose two.)
A. Desktop Alert
B. Remote Syslog
C. SMS text
D. SNMP
E. RSS Feed
正解:C,E
質問 3:
Multiple hostnames are mapped to a single IP address used by a WebSEAL instance, listening on the default HTTPS port. For each host name requested in the browser, WebSEAL needs to present a different certificate.
What can the deployment professional do to meet this requirement?
A. Enter multiple values for the "webseal-cert-keyfile-label" parameter in the [ssl] stanza of the WebSEAL configuration
B. Configure an additional interface in the WebSEAL configuration file, and add a
"certificate-label" for each hostname
C. Configure WebSEAL to use Server Name Indication
D. Configure separate WebSEAL instances for each hostname
正解:C
質問 4:
The security deployment professional of an IBM Security Access Manager V9.0 solution has been using routing files to customize message logging.
Which aspect of the logging activity can be controlled?
A. Delete log files
B. HTML formatting
C. Size of log file
D. Log compression
正解:C
質問 5:
A deployment professional is developing a script using REST APIs to monitor the status of WebSEAL instances.
Which attribute and value indicates a WebSEAL instance is down?
A. Instance "health" with a value of "1"
B. Instance "status" with a value of "running"
C. Root junction (/) "health" with a value of "1"
D. Root junction (/) "status" with a value of "running"
正解:A
質問 6:
In an IBM Security Access Manager (ISAM) V9.0 Federated SSO flow, the ISAM V9.0 appliance is used as the Service Provider. The SSO is I DP initiated. The I DP initiated unsolicited SSO doesn't have the target URL specified where Service Provider should be sending the user after consuming the SAML2.0 Assertion. The implementer of the SSO provider has been given the task of providing Target URL through a mapping rule in the Service Provider configuration.
How should this requirement be achieved in the mapping URL?
A. login-redirect in <webseald>.conf
B. local-response-redirect in <webseald>.conf
C. ITFIM attribute target_url in <serviceprovidermapping>.xslt
D. itfim_override_targeturl in <serviceprovidermapping>.js
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
A customer has deployed an IBM Security Access Manager V9.0 solution to protect web applications. After the initial authentication between the client and WebSEAL, WebSEAL can build a new Basic Authentication header and use the -b option to provide the authenticated Security Access Manager user name (client's original identity) together with a predefined static password across the junction to the back-end server.
Which configuration option will accomplish this?
A. -b gso
B. -b ignore
C. -b supply
D. -b filter
正解:B
質問 8:
A customer deployment consists of a large number of virtual host junction definitions.
During a troubleshooting session the deployment professional realizes the WebSEAL logs do not distinguish between requests to different virtual hosts.
How can this be remediated?
A. Customize the request log to include the relative URL
B. Customize the message log to include the absolute URL
C. Customize the request log to include the absolute URL
D. Customize the message log to include the relative URL
正解:A
The deployment professional (testuseri) is currently logged into the appliance, but cannot read the IBM Security Access Manager (ISAM) V9.0 event logs. Management authorization is configured as shown in the following screenshot.
What is the most likely cause of this issue?
A. There is a connectivity issue and the LDAP containing userid "testuserl" cannot be contacted.
B. The Global Administrator role lacks the necessary privileges.
C. Userid "testuserl" has not been added to the ISAMAdmins LDAP group.
D. Write permission is required for the Event Log Feature.
正解:C
質問 2:
An IBM Security Access Manager V9.0 deployment professional wants to be alerted by the appliance for events like certificate expiry.
In which two ways can these alert notifications be configured? (Choose two.)
A. Desktop Alert
B. Remote Syslog
C. SMS text
D. SNMP
E. RSS Feed
正解:C,E
質問 3:
Multiple hostnames are mapped to a single IP address used by a WebSEAL instance, listening on the default HTTPS port. For each host name requested in the browser, WebSEAL needs to present a different certificate.
What can the deployment professional do to meet this requirement?
A. Enter multiple values for the "webseal-cert-keyfile-label" parameter in the [ssl] stanza of the WebSEAL configuration
B. Configure an additional interface in the WebSEAL configuration file, and add a
"certificate-label" for each hostname
C. Configure WebSEAL to use Server Name Indication
D. Configure separate WebSEAL instances for each hostname
正解:C
質問 4:
The security deployment professional of an IBM Security Access Manager V9.0 solution has been using routing files to customize message logging.
Which aspect of the logging activity can be controlled?
A. Delete log files
B. HTML formatting
C. Size of log file
D. Log compression
正解:C
質問 5:
A deployment professional is developing a script using REST APIs to monitor the status of WebSEAL instances.
Which attribute and value indicates a WebSEAL instance is down?
A. Instance "health" with a value of "1"
B. Instance "status" with a value of "running"
C. Root junction (/) "health" with a value of "1"
D. Root junction (/) "status" with a value of "running"
正解:A
質問 6:
In an IBM Security Access Manager (ISAM) V9.0 Federated SSO flow, the ISAM V9.0 appliance is used as the Service Provider. The SSO is I DP initiated. The I DP initiated unsolicited SSO doesn't have the target URL specified where Service Provider should be sending the user after consuming the SAML2.0 Assertion. The implementer of the SSO provider has been given the task of providing Target URL through a mapping rule in the Service Provider configuration.
How should this requirement be achieved in the mapping URL?
A. login-redirect in <webseald>.conf
B. local-response-redirect in <webseald>.conf
C. ITFIM attribute target_url in <serviceprovidermapping>.xslt
D. itfim_override_targeturl in <serviceprovidermapping>.js
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
A customer has deployed an IBM Security Access Manager V9.0 solution to protect web applications. After the initial authentication between the client and WebSEAL, WebSEAL can build a new Basic Authentication header and use the -b option to provide the authenticated Security Access Manager user name (client's original identity) together with a predefined static password across the junction to the back-end server.
Which configuration option will accomplish this?
A. -b gso
B. -b ignore
C. -b supply
D. -b filter
正解:B
質問 8:
A customer deployment consists of a large number of virtual host junction definitions.
During a troubleshooting session the deployment professional realizes the WebSEAL logs do not distinguish between requests to different virtual hosts.
How can this be remediated?
A. Customize the request log to include the relative URL
B. Customize the message log to include the absolute URL
C. Customize the request log to include the absolute URL
D. Customize the message log to include the relative URL
正解:A
夏目** -
お陰さまでC2150-609試験に合格しました!C2150-609試験参考書が本当に助かりました!誠にありがとうございました。