Latest IBM C2150-609 Dumps PDF Questions Answers 2024

IBM Security Access Manager V9.0 Deployment Questions and Answers

Question 1

A company is upgrading its existing IBM Security Access Manager (ISAM) environment to ISAM 9.0. Based on the requirements for the upgrade, activation keys have been procured for different ISAM modules.

Which two features require an activation key? (Choose two.)

Options:

REST APIs

Web Reverse Proxy

Authorization Server

Local Management Interface

Distributed Session Cache

Buy Now

Question 2

The web security department of an organization has found that their site is vulnerable to Denial of Service, Brute Force, Buffer Overflow and decided to use the Web Application Firewall (WAF) feature available in IBM Security Access Manager V9.0.

Even after enabling WAF, the site is still vulnerable to the above attacks. The deployment professional is pretty sure that the signature for these attacks have been released and has decided to check for X-Force updates.

How should the deployment professional check and update this?

Options:

Using CLI, firmware -> ips_updt_install

Using CLI, updates -> xforce_updt_install

Using LMI, Manage System Settings -> Updates and Licensing -> Available Updates

Using LMI, Manage System Settings -> Updates and Licensing -> Intrusion Prevention updates

Question 3

A system is configured with two IBM Security Access Manager (ISAM) V9.0 reverse proxy servers behind a load balancer, and it is planned to use forms-based user authentication. It is a requirement that if a reverse proxy were to fail, users that were already logged in would not be required to log in again.

Which two configurations can the deployment professional use to achieve this? (Choose two.)

Options:

Configure the system to use LTPA cookies

Configure the system to use session cookies

Configure the system to use failover cookies

Configure the system to use the global signon (GSO) cache

Configure the system to use the Distributed Session Cache (DSC)

Question 4

Prior to installing a firmware update the deployment professional creates a snapshot of the appliance configuration. During acceptance testing of the new firmware it is discovered that the update introduced a bug.

How should the deployment professional restore the previous configuration?

Options:

Manage System Settings > System Settings > Snapshots, select the snapshot and click Apply

Manage System Settings > System Settings > Snapshots, select the snapshot and click Restore

Manage System Settings > Updates and Licensing > Available Updates, select the update and click Uninstall

Manage System Settings > Updates and Licensing > Firmware Settings, click the Set Active link on the inactive partition

Question 5

An IBM Security Access Manager V9.0 deployment professional executes the following steps:

1. Navigate to Edit SSL Certificate Database - embedded_ldap_keys

2. Select the embedded LDAP server certificate

3. Click Manage->Export

4. Save the resulting .cer file onto local desktop

Which task was the deployment professional performing?

Options:

Renewing the embedded LDAP server certificate

Replacing the embedded LDAP server certificate

Creating a backup of the embedded LDAP server certificate

Preparing to configure SSL for a local LDAP client to the embedded LDAP server

Question 6

A customer's IBM Security Access Manager V9.0 deployment consists of a cluster with Primary and Secondary masters. The Primary master fails and becomes unavailable and prevents any policy updates.

Which action is required to ensure policy updates can be applied?

Options:

Promote the Secondary to Primary

Enable the Policy server in Secondary master

Set the Policy DB in the secondary to read-write state

Restore a backed up master policy database to the secondary master

Question 7

Which two protocols does the federation module in IBM Security Access Manager V9.0 support?

(Choose two.)

Options:

SAML2.0 D B. XACML3.0

Higgins 2.0.0

OpenID Connect

Shibboleth (Internet 2)

Question 8

The IBM Security Access Manager V9.0 high-volume database stores data for which component?

Options:

Cluster

Runtime Server

Advanced Access Control

Distributed Session Cache

Question 9

In a customer environment, a REST API client is being developed to carry out Reverse Proxy configuration and maintenance. As part of one of the activities the customer needs to update the junction information with an additional Backend Server. The customer has written a REST API client but is not able modify the junction.

Which HTTP headers should the customer pass?

Options:

Host, Authorization

Host, Accept: Application/json

Authorization, Accept:Application/json

content-type:application/json, Authorization

Question 10

As part of installing a fixpack a deployment professional wants to back up the appliance configuration.

How is this done?

Options:

Click on the Create Backup link of the active partition

Select the active partition, select the Backup option from the Edit menu

Create a new snapshot, download the snapshot to the deployment professional's workstation, install the fixpack

Install the fixpack. The installation will copy the configuration and install the fixpack to the inactive partition, set it active and restart

Question 11

A deployment professional in charge of a large deployment with replicated reverse proxy instances needs to keep junctions, template files, and configuration settings in sync between the instances.

How can this be done?

Options:

Setup appliance clustering and issue server sync all

Setup appliance clustering and issue server cluster sync

Setup a master reverse proxy instance and issue server task source-instance sync target-instance

Setup a master reverse proxy instance and issue server task target-instance sync source-instance

Question 12

The customer requires high availability of its IBM Security Access Manager (ISAM) V9.0 WebSEAL infrastructure. The environment includes two WebSEAL appliances, two appliances for Policy Server and other ISAM services. All ISAM appliances are configured into a cluster which includes replicating the ISAM runtime and certificate files, the Policy Server, Runtime and Configuration databases, and the Distributed Session Cache. The complete LDAP configuration uses the embedded LDAP and externally federated IBM Security Directory Server (ISDS).

Which failover scenario is supported with this configuration?

Options:

The embedded LDAP on the WebSEAL appliances is available in read-only mode if the Primary Policy Server is unavailable.

Policy Server failover is automatic without manual intervention and the WebSEALs automatically detect the new active Policy Server.

An LDAP federation implies high availability therefore the external ISDS is always available with no additional configuration.

Distributed Session Cache (DSC) failover requires manual intervention at which point the WebSEALs automatically detect the new active DSC.

Question 13

A deployment professional is configuring IBM Security Access Manager V9.0 for Management Authentication using remote LDAP.

Which configuration field value is optional?

Options:

Enable SSL to LDAP

Configure Administrative Group DN

Specify whether or not to bind anonymously

Select Local Database or Remote LDAP Server

Question 14

During testing of an application the deployment professional is receiving frequent alerts about high disk utilization.

What action can be taken to resolve this issue?

Options:

Enable log rotation and compression

Resize the virtual disk and extend the active partition

Configure the appliance to store log and trace files on a remote server

Enable the appliance background scheduler to clear unused log and trace files on a periodic basis

Question 15

The security deployment professional of an IBM Security Access Manager V9.0 solution has been using routing files to customize message logging.

Which aspect of the logging activity can be controlled?

Options:

Size of log file

Delete log files

Log compression

HTML formatting

Question 16

IBM Security Access Manager (ISAM) V9.0 provides an External Authentication Interface (EAI) that enables the extension of the authentication process for WebSEAL The identity information returned by the EAI service is used to generate user credentials. This can be used as one of the methods to implement step-up authentication-How is this authentication information returned from the EAI server?

Options:

HTTP headers

HTTP parameters

[step-up] stanza

[authentication-levels] stanza

Question 17

The IBM Security Access Manager V9.0 Advanced Access Control module can perform Context-Based Authorization based on the contents of a POST parameter.

Which two configuration steps need to be performed to do this? (Choose two.)

Options:

Attach an appropriate Access Control List to the required URL

Attach an appropriate Access Control Policy to the required URL

Attach an appropriate Protected Information Point to the required URL

Add an entry to the [user-agents) stanza in the reverse proxy configuration file.

Add an entry to the [user-attribute-definitions] stanza in the reverse proxy configuration file

Question 18

A customer has an IBM Security Access Manager V9.0 appliance cluster spanning two data centers A and B. Data center A has the Primary Master and two Restricted nodes. Data center B has a Secondary Master and two Restricted Nodes. A Load Balancer with redundancy across data centers provides sticky load balancing to reverse proxies in both data centers.

What is true if a disaster recovery testing scenario takes down all appliances in data center A?

Options:

The Secondary Master will automatically be promoted to Primary Master

Reverse Proxies in Data Center B will service all end-users with no intervention

The Secondary Master has to be promoted to Primary for Data Center B to service end-users

Reverse Proxies in Data Center B need to be recycled sequentially to handle users assigned Data Center A reverse proxies

Question 19

An IBM Security Access Manager V9.0 systems deployment professional needs to protect a back-end web applications from SQL injection attacks that match signatures from the IBM X-Force signature database.

Which action needs to be performed?

Options:

Simulation Mode must be enabled and a Risk Profile must be specified.

Web Content Protection must be enabled and a Risk Profile must be specified.

Simulation Mode must be enabled and a Registered Resource must be specified.

Web Content Protection must be enabled and a Registered Resource must be specified.

Question 20

The deployment professional wants to back up the embedded LDAP personal certificate, including the private key. They navigate to Manage System Settings -> SSL Certificates -> and select the "extract" option.

Which file format is the resulting certificate backup?

Options:

.p12

.kdb

jks

cer

Exam Detail

Vendor: IBM

Certification: IBM Other Certification

Exam Code: C2150-609

Exam Name: IBM Security Access Manager V9.0 Deployment

Last Update: Dec 22, 2024

C2150-609 Question Answers

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium IBM C2150-609 Dumps Questions Answers

IBM Security Access Manager V9.0 Deployment Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce