C2150-609 | Refresh C2150-609 Practice Exam For IBM Security Access Manager V9.0 Deployment Certification
It is more faster and easier to pass the IBM C2150-609 exam by using Guaranteed IBM IBM Security Access Manager V9.0 Deployment questuins and answers. Immediate access to the Far out C2150-609 Exam and find the same core area C2150-609 questions with professionally verified answers, then PASS your exam with a high score now.
Free C2150-609 Demo Online For IBM Certifitcation:
NEW QUESTION 1
A company has a large number of users who use mobile applications. The company wants to implement context-aware access controls for these resources.
Which module of IBM Security Access Manager V9.0 should the company enable to support this requirement?
- A. Federation module
- B. Protocol Analysis module
- C. Mobile Access Control modulo
- D. Advanced Access Control module
NEW QUESTION 2
The IBM Security Access Manager V9.0 high-volume database stores data for which component?
- A. Cluster
- B. Runtime Server
- C. Advanced Access Control
- D. Distributed Session Cache
NEW QUESTION 3
An IBM Security Access Manager V9.0 deployment specialist is getting reports of failing requests. Analysis of a support file shows many connections to the backend server in TIME_WAIT state?
Where is the setting "sysctl.net.ipv4.tcp_tw_reuse = 1" added?
- A. In the [tcp] stanza of the reverse proxy instance conf file
- B. In the [server] stanza of the reverse proxy instance conf file
- C. In the LMI "Manage System Settings -> Network Settings -> Tuning" panel
- D. In the LMI "Manage System Settings -> System Settings -> Advanced Tuning Parameters" panel
NEW QUESTION 4
In an organization's testing environment, the IBM Security Access Manager V9.0 deployment professional is required to deploy the virtual appliance on Amazon EC2 with a single reverse proxy instance with a single network interface.
How should the deployment professional configure the reverse proxy so that end-users can access the reverse proxy without specifying a non-standard port (other than 80 and 443)?
- A. Use port forwarding to map non-standard port to a standard port on appliance using LMI
- B. Use port forwarding to map non-standard port to a standard port on appliance using CLI
- C. Configure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using LMI
- D. Configure appliance management port to listen on non-standard port and set reverse proxy port to listen on standard port using CLI
NEW QUESTION 5
How should the disk space occupied by the several large support files be reduced?
- A. Configure automatic roll over of support files using the LMI
- B. Download the support files and delete them from the appliance
- C. Download the support files which will also delete them from the appliance
- D. Configure support file retention policy using the LMI to restrict, such that files older than a certain date are purged
NEW QUESTION 6
A company has deployed an IBM Security Access Manager V9.0 solution for protecting web resources and has enabled auditing for monitoring purposes. A security deployment professional has observed that audit records are using large quantities of disk space due to the large number of audit events related to HTTP access.
Which two strategies will help to reduce the volume of audit events in above scenario? (Choose two.)
- A. Generate audit records for specific groups only
- B. Generate events for unsuccessful HTTP accesses only
- C. Generating selective audit records using authorization rules
- D. Reconfigure WebSEAL to use CARS auditing, instead of native auditing
- E. Selectively disable the generation of events by using attached protected object policies (POPs)
NEW QUESTION 7
Prior to installing a firmware update the deployment professional creates a snapshot of the appliance configuration. During acceptance testing of the new firmware it is discovered that the update introduced a bug.
How should the deployment professional restore the previous configuration?
- A. Manage System Settings > System Settings > Snapshots, select the snapshot and click Apply
- B. Manage System Settings > System Settings > Snapshots, select the snapshot and click Restore
- C. Manage System Settings > Updates and Licensing > Available Updates, select the update and click Uninstall
- D. Manage System Settings > Updates and Licensing > Firmware Settings, click the Set Active link on the inactive partition
NEW QUESTION 8
Which two protocols does the federation module in IBM Security Access Manager V9.0 support? (Choose two.)
- A. SAML2.0 D
- B. XACML3.0
- C. Higgins 2.0.0
- D. OpenID Connect
- E. Shibboleth (Internet 2)
NEW QUESTION 9
The Distributed Session Cache has been enabled to replace the Session Management Server in a recently migrated IBM Security Access Manager V9.0 environment. Several Reverse Proxies have not yet been migrated from ISAM V7.0.
The help desk is now receiving user complaints due to multiple logins required for applications protected by the ISAM V7.0 Reverse Proxies.
Which Distributed Session Cache option should be checked?
- A. enable-sms-functionality
- B. provide_700_9ttribute_ids
- C. Replicate certificate databases
- D. Support internal and external clients
NEW QUESTION 10
A customer has configured the IBM Security Access Manager V9.0 appliance authentication to an external LDAP server. The customer wants to allow support staff with LDAP accounts that are members of the HelpDesk group to view appliance and audit logs.
Where should the deployment professional configure a new role and map it to the HelpDesk LDAP group for the support staff?
- A. Manage System Settings -> Management Delegation
- B. Manage System Settings -> Administrator Settings
- C. Manage System Settings -> Management Authorization
- D. Manage System Settings -> Management Authentication
NEW QUESTION 11
A deployment professional is configuring IBM Security Access Manager V9.0 for Management Authentication using remote LDAP.
Which configuration field value is optional?
- A. Enable SSL to LDAP
- B. Configure Administrative Group DN
- C. Specify whether or not to bind anonymously
- D. Select Local Database or Remote LDAP Server
NEW QUESTION 12
- A. info.js
- B. init_acc.js
- C. setup_riskscore.js
- D. dynamic.attributes.js
NEW QUESTION 13
A company has deployed an IBM Security Access Manager V9.0 solution to protect web resources and now wants to secure access to enterprise resources from mobile devices. The security deployment professional needs to run a utility to configure the existing WebSEAL with the instance of the appliance that provides the authorization server for Advanced Access Control.
Which utility tool will perform this configuration?
- A. isamcfg
- B. pdadmin
- C. Web Administration Tool (WAT)
- D. Middleware Configuration Utility
NEW QUESTION 14
A company wants to accelerate cloud adoption by integrating with popular public SaaS applications. The IBM Security Access Manager V9.0 deployment professional has determined there are Quick Connectors available for the chosen SaaS applications.
Which task does the deployment professional need to perform?
- A. Develop custom mapping rules for the SaaS Application provider
- B. Create the ServiceProvider (SP) Federation on the ISAM appliance
- C. Synchronize users' enterprise credentials to the Saas Application provider
- D. Select a Partner Quick Connect partner template for the SaaS Application provider
NEW QUESTION 15
A customer is migrating from TAM v6.1 running on AIX to IBM Security Access Manager (ISAM) V9.0 hardware appliances.
Which information from the TAM v6.1 environment will be useful in sizing the new ISAM V9.0 hardware configuration?
- A. WebSEAL request logs
- B. WebSEAL CDAS specifics
- C. Number of LDAP replicas
- D. Number of objects in the protected object space
NEW QUESTION 16
A deployment professional is configuring context based access for a protected resource junctioned by WebSEAL.
What must be explicitly set in order to invoke the runtime security services EAS to authorize a request?
- A. Trigger-url
- B. Authorization rule
- C. Protected Object Policy (POP)
- D. Policy Information Point (PIP)
NEW QUESTION 17
The customer directory environment includes two Active Directory (AD) Domain Controllers (DC) managing separate suffixes (one for corporate users, one for field offices), and one occurrence of Oracle Directory Server (ODS). The business requirement states the AD for corporate users is optional and the environment should remain available even if this DC is down. There are no duplicate users across these directories.
After configuring all directories in the Secure Web Settings -> Runtime Component -> Manage -> Federated Directories, how can this requirement be achieved?
- A. Edit the resulting Idap.conf and add the "ignore-if-down = yes" to the AD for the corporate.
- B. Ensure the "Required" checkbox is checked for both the field office AD and the ODS server.
- C. Edit the resulting Idap.conf and add the "max-server-connections = 0" to the AD for the corporate.
- D. Edit the resulting Idap.conf and add the "ignore-if-down = yes" to the AD for the field offices and ODS server.
NEW QUESTION 18
Which action must be completed for an external high-volume runtime database after upgrading a Security Access Manager appliance?
- A. Drop the runtime database
- B. Restart the external database
- C. Recreate the configuration table
- D. Run the Access Control update .sql files
NEW QUESTION 19
A customer deployment consists of a large number of virtual host junction definitions. During a troubleshooting session the deployment professional realizes the WebSEAL logs do not distinguish between requests to different virtual hosts.
How can this be remediated?
- A. Customize the message log to include the relative URL
- B. Customize the request log to include the relative URL
- C. Customize the message log to include the absolute URL
- D. Customize the request log to include the absolute URL
NEW QUESTION 20
Which hardware component is included in an IBM Security Access Manager V9.0 hardware appliance?
- A. UPS
- B. IPMI port
- C. LCD Panel
- D. InfiniBand port
NEW QUESTION 21
A customer wants to replace an IBM Security Access Manager V7.0 Session Management Server with the ISAM 9.0 Distributed Session Cache.
Which DSC configuration must be completed to allow SSL communication?
- A. Create new replica set
- B. Configure DSC to listen on port 443
- C. Select "Support internal clients only" in the Session Cache tab of the LMI.
- D. Select "Enable SSL" and choose a certificate in the Session Cache tab of the LMI.
NEW QUESTION 22
Recommend!! Get the Full C2150-609 dumps in VCE and PDF From DumpSolutions.com, Welcome to Download: https://www.dumpsolutions.com/C2150-609-dumps/ (New 137 Q&As Version)