EMT Practice Test

1. Question Content...


Question List

Question1: The IBM Security Access Manager V9.0 Advanced Access Control module can perform Context-Based Authorization based on the contents of a POST parameter.
Which two configuration steps need to be performed to do this? (Choose two.)

Question2: Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?

Question3: An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded a snapshot from an ISAM virtual appliance configured with reverse proxy. This snapshot is being applied to another virtual appliance.
Which condition must be met before applying a snapshot form one virtual appliance to another?

Question4: A deployment professional has configured Federated Single Sign-On using IBM Security Access Manager V9.0 with WebSEAL as point of contact.
Which two things need to be configured to achieve Single Log Out (SLO) in the SAML 2.0 Federation?(Choose two.)

Question5: A customer received a replacement hardware appliance, but on boot up it has a different firmware than that for IBM Security Access Manager (ISAM) V9.0. The appliance needs to be flashed to ISAM V9.0. The appliance needs to be rebooted with a bootable USB drive formatted as FAT32.
Which file format is needed to create the bootable drive?

Question6: In an organization's testing environment, the IBM Security Access Manager V9.0 deployment professional is required to deploy the virtual appliance on Amazon EC2 with a single reverse proxy instance with a single network interface.
How should the deployment professional configure the reverse proxy so thatend-users can access the reverse proxy without specifying a non-standard port (other than 80 and 443)?

Question7: An IBM Security Access Manager V9.0 systems deployment professional needs to protect a back-end web applications from SQL injection attacks that match signatures from the IBM X-Force signature database.
Which action needs to be performed?

Question8: A large bank has multiple applications protected by two identically configured WebSEAL servers.One junction supports a reporting application that frequently experiences performance issues which slows response time. The worst case results in the entire site becoming unresponsive when all WebSEAL worker threads on all WebSEAL instances are consumed on the Junctions to this one reporting application.
Which configuration change will prevent this situation from occurring without impacting the behavior of any other application (junction), and keeping the entire site up?

Question9: An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded the ISAM V9.0 installation files from the IBM Passport Advantage site. XenServer 6.2 will be the hypervisor technology used for a new ISAM Virtual Appliance installation.
What is the installation media file type needed to deploy the new ISAM appliance on XenServer?

Question10: A customer has deployed an IBM Security Access Manager V9.0 solution to protect web applications. After the initial authentication between the client and WebSEAL,WebSEAL can build a new BasicAuthentication header and use the -b option to provide the authenticated Security Access Manager user name (client's original identity) together with a predefined static password across the junction to the back-end server.
Which configuration option will accomplish this?

Question11: A customer has configured the IBM Security Access Manager V9.0 appliance authentication to an external LDAP server. The customer wants to allow support staff with LDAP accounts that are members of the HelpDesk group to view appliance and audit logs.
Where should the deployment professional configure a new role and map it to the HelpDesk LDAP group for the support staff?

Question12: A customer's IBM Security Access Manager V9.0 deployment consists of a cluster with Primary and Secondary masters. The Primary master fails and becomes unavailable and prevents any policy updates.
Which action is required to ensure policy updates can be applied?

Question13: A deployment professional has created an Access Control Policy to protect sensitive businessinformation:

Which Policydecision is returned for a userwith a risk score of 35 andhas consented to registering adevice?

Question14: A company is planning to deploy an IBM Security Access Manager (ISAM) V9.0 cluster to provide high availability services to its customer. ISAM cluster members are separated by a firewall.
Which port(s) should be open in the firewall to assure normal cluster service functionality?

Question15: The appliance dashboard Reverse Proxy Health widget indicates a problem with the /snoop junction on the Test instance.
Which log file can be examined to find product errors?

Question16: A deployment professional wants to ensure traffic from a Reverse Proxy toa junction backend applicationserver goes out over a specific interface.
How can this be accomplished?

Question17: A customer is migrating from TAM v6.1 running on AIX to IBM Security Access Manager (ISAM) V9.0 hardware appliances.
Which information from the TAM v6.1 environment will be useful in sizing the new ISAM V9.0 hardware configuration?

Question18: The deployed IBM Security Access Manager (ISAM) V9.0 solution in a company already contains a federated LDAP server. However, the dynamic group support is disabled. A deployment professional is required to change the existing federated LDAP server configuration to support the dynamic groups.
How should the deployment professional do this?

Question19: A risk officer of an organization discovered that a site protected by the IBM Security Access Manager V9.0 solution might be vulnerable to common attacks like cross-site scripting (XSS) and SQL injection.
Which optional component should be configured to protect against these attacks?

Question20: The IBM Security Access Manager V9.0 deployment professional has recently discovered an entire deployment of over 100 junctions was performed incorrectly.
How can a repair operation be scripted for this, and future deployment personnel?