A customer has three LDAP servers: A master (ds1.example.com), another master (ds2.example com) and a read-only replica (ds3.example.com) used for the IBM Security Access Manager (ISAM) V9.0. The deployment professional has configured the ISAM runtime using ds1.example.com as the registration server.
Which configuration will provide load balancing for LDAP read across all three servers and failover to ds2.example.com for LDAP write?
A. replica= ds2.example.com, 389, readonly,5 replica= ds3.example.com, 389, readonly,5 replica= ds2.example.com, 389, readwrite,6
B. replica= ds1.example.com, 389, readonly,6 replica= ds2.example.com, 389, readonly,6 replica= ds3.example.com, 389, readonly,6 replica= ds2.example.com, 389, readwrite,4
C. replica= ds1.example.com, 389, readonly,4 replica= ds2.example.com, 389, readonly,4 replica= ds3.example.com, 389, readonly,4 replica= ds2.example.com, 389, readwrite,6
D. replica= ds1.example.com, 389, readonly,1 replica= ds2.example.com, 389, readonly,2 replica= ds3.example.com, 389, readonly,3 replica= ds2.example.com, 389, readwrite,4
The customer currently maintains all its users in Active Directory. As part of its new IBM Security Access Manager (ISAM) V9.0 deployment, the customer understands it will have to implement the ISAM "Global Sign-on (GSO)" to archive SSO with certain backend applications which do their own authentication and cannot be modified.
Which federated repositories configuration will address the customer requirements?
A. Use an external ISDS LDAP as the ISAM primary LDAP, federate with the AD and import all AD users into the ISAM TDS.
B. Configure the AD as the ISAM Primary LDAP, which will create the necessary secauthority= default suffix. Import all users into the ISAM AD.
C. Use the ISAM embedded LDAP as the Primary LDAP, federate with the AD and configure "basic user", and specify "basic-user-principal-attribute= samAccountName"
D. Use an external ISDS LDAP as the Primary LDAP, federate with the AD, configure "basic user", specify "basic-user-principal-attribute= samAccountName" and "basic-user-suffix= secauthority=default".
The IBM Security Access Manager (ISAM) V9.0 LMI SSL certificate is auto-generated by default.
When the LMI certificate is due to expire, how is it renewed?
A. The ISAM Appliance will renew LMI certificate automatically.
B. The ISAM deployment professional must issue reset_lmi_cert using command line interface.
C. The ISAM deployment professional must re-generate it using LMI Manage System Settings-> SSL panels.
D. The ISAM deployment professional must create a new self sign certificate using LMI Manage System Settings-> SSL panels.
An IBM Security Access Manager V9.0 systems deployment professional needs to protect a back-end web applications from SQL injection attacks that match signatures from the IBM X-Force signature database.
Which action needs to be performed?
A. Simulation Mode must be enabled and a Risk Profile must be specified.
B. Web Content Protection must be enabled and a Risk Profile must be specified.
C. Simulation Mode must be enabled and a Registered Resource must be specified.
D. Web Content Protection must be enabled and a Registered Resource must be specified.
An IBM Security Manager V9.0 deployment professional executes the following steps:
1.
Navigate to Edit SSL Certificate Database-embedded_ldap_keys
2.
Select the embedded LDAP server certificate
3.
Click Manage->Export
4.
Save the resulting .cer file onto local desktop
Which task was the deployment professional performing?
A. Renewing the embedded LDAP server certificate
B. Replacing the embedded LDAP server certificate
C. Creating a backup of the embedded LDAP server certificate
D. Preparing to configure SSL for a local LDAP client to the embedded LDAP server
A stateful junction /WebApp is added to a Web reverse proxy instance with two backend HTTP servers. When one of the backend server stops responding to the requests, the users are getting the "Third Party Not Responding" error message even though one of the backend server continues to respond.
Which parameter needs to be added to the configuration file so that "Third Party Not Responding" error page is not rendered and the user is connected to the backend server that is responding?
A. Use-same-session = yes
B. Use-new-stateful-on-error=yes
C. Failover-include-session-id= yes
D. Enable-failover-cookie-for-domain = yes
A customer received a replacement hardware appliance, but on boot up it has a different firmware than that for IBM Security Access Manager (ISAM) V9.0. The appliance needs to be flashed to ISAM V9.0. The appliance needs to be rebooted with a bootable USB drive formatted as FAT32.
Which file format is needed to create the bootable drive?
A. .iso
B. .ova
C. .pkg
D. .img
A risk officer of an organization discovered that a site protected by the IBM Security Access Manager V9.0 solution might be vulnerable to common attacks like cross-site scripting (XSS) and SQL injection.
Which optional component should be configured to protect against these attacks?
A. Federation
B. Secure Web Settings
C. Advanced Access Control
D. Web Application Firewall
There is an SSL connectivity issue between the IBM Security Access Manager V9.0 Reverse Proxy and the backend business application.
Which Two troubleshooting commands under Tools in the application SSH interface can be used to validate the Reverse Proxy can successfully connect to the backend host: secure-port? (Choose two.)
A. Ping
B. Session
C. Connect
D. Traceout
E. Connections
An IBM Security Access Manager V9.0 Reverse Proxy has a stateful junction to a Portal application called "/wps" There is no web server in front of Portal. This junction has three Portal servers defined behind it. The Portal team needs to do maintenance on each of the three servers. The team wants to accomplish with least impact to end users.
Which pdadmin "server task" based steps will accomplish this?
A. Stop a server, have Portal team apply maintenance, bring server online-repeat for the other two servers.
B. Delete a server, have Portal team apply maintenance then add server back-repeat for the other two servers.
C. Take a server offline, have Portal team apply maintenance, bring server online- repeat for the other two servers.
D. Throttle a server, ensure activity has ceased for that server, have Portal team apply maintenance, bring server online-repeat for the other two servers.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IBM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your C2150-609 exam preparations and IBM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.