The deployed IBM Security Access Manager (ISAM) V9.0 solution in a company already contains a federated LDAP server. However, the dynamic group support is disabled. A deployment professional is required to change the existing federated LDAP server configuration to support the dynamic groups.
How should the deployment professional do this?
A. Edit the federated directory configuration using LMI method and select the checkbox
"Enable dynamic group"
B. Re-federate the LDAP server with dynamic group support enabled
C. Manually modify the activedir.conf file and add 'dynamic-groups-enabled = yes'
D. Manually modify the ldap.conf file and add 'dynamic-groups-enabled = yes'
正解:B
質問 2:
A deployment professional attempts to log into an appliance which is part of a cluster to run pdadmin commands and receives the following message:
pdadmin> login -a sec_master -p password
2016-03-03-02:04:38.683-06:001------0x1354A420 pdadmin ERROR ivc socket mtsclient.cpp 2376
0x7fc2b7b0c720
HPDCO1056E Could not connect to the server 192.168.254.11, on port 7135.
Error: Could not connect to the server. (status 0x1354a426)
What should the deployment professional check concerning the login target?
A. Login was attempted on a non-primary master of a cluster and the primary policy server is down
B. Login was attempted on a special node
C. Login was attempted on a secondary master that has not been promoted to the primary
D. Login was attempted on a restricted node
正解:B
質問 3:
A deployment professional needs to update the certificate used by the LMU Which steps should the deployment professional follow to complete this task?
A. Navigate in the LMI to manage system settings -> Management Authorization -> Update rt_profile_keys key file
B. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Update rt_profile_keys key file
C. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Request New Certificate from CA
D. Navigate in the LMI to manage system settings -> Management SSL Certificate -> Upload p12 file
正解:D
質問 4:
An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded the ISAM V9.0 installation files from the IBM Passport Advantage site. XenServer 6.2 will be the hypervisor technology used for a new ISAM Virtual Appliance installation.
What is the installation media file type needed to deploy the new ISAM appliance on XenServer?
A. vhd file
B. pkg file
C. img file
D. ova file
正解:D
質問 5:
A deployment professional has configured SNMP on all IBM Security Access Manager V9.0 appliances and is using the agentless adapter from Tivoli Monitoring to pull OS level CPU, Memory, Disk and Processes information.
Which alert can be setup in Tivoli Monitoring based on the data extracted?
A. Alert when reverse proxy message log file size exceeds 1GB
B. Alert when reverse proxy is not running
C. Alert when hard / soft limits are reached on a reverse proxy
D. Alert on junction level response times higher than 1 second
正解:A
質問 6:
Due to regulatory statutes, the customer must limit a user to one session.
Which IBM Security Access Manager V9.0 capability is required to address this customer requirement?
A. Session Management Server
B. Distributed Session Cache
C. Authorization Server
D. Advanced Access Control
正解:B
質問 7:
Which two features does the hardware appliance provide by default? (Choose two.)
A. Dedicated CPU. disk and memory resources for IBM Security Access Manager
B. DVD drive
C. On-board Hardware Cryptographic Accelerator
D. Built-in UPS
E. 6 network interfaces
正解:A,E
質問 8:
Given the following description of the IBM Security Access Manager V9.0 Web Proxy environment and command:
What will running this command do?
A. It will turn on the pdweb.snoop tracing on ALL Web Proxy Instances.
B. It will turn off the pdweb.snoop tracing on ALL Web Proxy instances.
C. It will turn on the pdweb.snoop tracing for webseaMnstA.
D. It will turn off the pdweb.snoop tracing forwebseaMnstA.
正解:C
麻生** -
私はC2150-609試験資料を買って、よく勉強しました。案の定、C2150-609試験に合格しました。 ありがとうございました!