1. Home
  2. IBM
  3. C2150-609

IBM Security Access Manager V9.0 Deployment

Exam Details

  • Exam Code
    :C2150-609
  • Exam Name
    :IBM Security Access Manager V9.0 Deployment
  • Certification
    :IBM Certifications
  • Vendor
    :IBM
  • Total Questions
    :138 Q&As
  • Last Updated
    :Apr 12, 2025

IBM IBM Certifications C2150-609 Questions & Answers

  • Question 31:

    In an IBM Security Access Manager (ISAM) V9.0 Federated SSO flow, the ISAM V9.0 appliance is used as the Service Provider. The SSO is IDP initiated. The IDP initiated unsolicited SSO doesn't have the target URL specified where Service Provider should be sending the user after consuming the SAML2.0 Assertion. The implementer of the SSO provider has been given the task of providing Target URL through a mapping rule in the Service Provider configuration.

    How should this requirement be achieved in the mapping URL?

    A. login-redirect in .conf

    B. local-response-redirect in .conf

    C. itfim_override_targeturl in .js

    D. ITFIM attribute target_url IN .xslt

  • Question 32:

    A deployment professional has created an Access Control Policy to protect sensitive business information, but is not obtaining the desired result.

    Considering the rule precedence, which decision is returned for a user with a risk score of 40 and an ipAddress not considered malware?

    A. Deny

    B. Permit

    C. Deny after Authentication One-Time-Password

    D. Permit after Authentication One-Time-Password

  • Question 33:

    A customer has IBM Security Access Manager (ISAM) V9.0 Appliance A which will be used for the Point of Contact Server and the Context-based External Authorization Service. Appliance B will be used for the SAML 2.0 Service Provider.

    What are the license requirements for Appliance A and B respectively?

    A. Federation | Federation

    B. ISAM for Mobile | Federation

    C. ISAM Access Manager Platform | ISAM Access Manager Platform, Federation

    D. ISAM Access Manager Platform, Advanced Access Control | ISAM Access Manager Platform, Federation

  • Question 34:

    A customer's IBM Security Access Manager V9.0 deployment consists of reverse proxy appliances situated in the DMZ and primary master and secondary master appliances situated in the internal corporate network.

    Which port and direction of the network traffic flow is required to support cluster services between the appliances situated in the DMZ and the internal corporate network segment?

    A. Port 22; Bidirectional

    B. Port 22; Unidirectional

    C. Port 2020; Bidirectional

    D. Port 2020; Unidirectional

  • Question 35:

    A customer is deploying an IBM Security Access Manager V9.0 solution to protect back end resources and is planning to use an LDAP Server that is set up to use SSL server authentication.

    What is required to enable SSL to secure communications with LDAP?

    A. LDAP server's private key

    B. LDAP server's public key stash file

    C. LDAP server's CA signer certificate

    D. LDAP server's private and public key

  • Question 36:

    Which two features does the hardware appliance provide by default? (Choose two.)

    A. DVD drive

    B. Built-in UPS

    C. 6 network interfaces

    D. On-board Hardware Cryptographic Accelerator

    E. Dedicated CPU, disk and memory resources for IBM Security Access Manager

  • Question 37:

    An IBM Security Access Manager (ISAM) V9.0 deployment professional wants to implement some changes to the ISAM object space in the production environment. Before applying the changes, the ISAM object space needs to be exported and saved.

    How should the ISAM deployment professional do this export?

    A. Use the REST API

    B. Use the LMI export panel

    C. Use the pdadmin command

    D. Use the Policy Administration (WPM)

  • Question 38:

    There are random network errors occurring so the IBM Security Access Manager V9.0 deployment specialist has decided to enable Packet Tracing and feed the resulting pcap file into Wireshark for analysis.

    Which information is required to enable this feature?

    A. Filter

    B. Protocol

    C. Destination IP

    D. Trace file size

  • Question 39:

    A deployment specialist wants to use IBM Security Access Manager V9.0 to protect the back-end web applications from Cross Site Scripting attacks.

    Which module will provide this protection?

    A. Federation Module

    B. Policy Server Module

    C. Protocol Analysis Module

    D. Advanced Access Control Module

  • Question 40:

    A customer wants to replace an IBM Security Access Manager V7.0 Session Management Server with the ISAM 9.0 Distributed Session Cache.

    Which DSC configuration must be completed to allow SSL communication?

    A. Create new replica set

    B. Configure DSC to listen on port 443

    C. Select "Support internal clients only" in the Session Cache tab of the LMI.

    D. Select "Enable SSL" and choose a certificate in the Session Cache tab of the LMI.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IBM exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your C2150-609 exam preparations and IBM certification application, do not hesitate to visit our Vcedump.com to find your solutions here.