Your customer wants to use the information available in the Identity Context in their application to determine a user's journey through various screens and functions.
One of the attributes they want to use is the Oracle Adaptive Access Manager (OAAM) risk score. They have deployed OAAM and think they have integrated it correctly into the Oracle Access Management platform. However, when their application interrogates Identity Context, none of the OAAM attributes are present.
Which three configuration settings should you check as part of troubleshooting the problem? (Choose three.)
A. The OAAM property oracle.oaam.idcontext.enabled has been set to true.
B. Oracle Access Manager is using the "OAAM Advanced" authentication scheme.
C. The TAP token version is set to 2.1 in OAAM properties.
D. The application has been given proper source code grants to access the Identity Context runtime.
E. A configurable action has been defined in OAAM to generate the Identity Context attributes.
F. Oracle Security Token Service has been configured to generate the Identity Context assertion.
Your customer has deployed an employee portal that you have protected with Oracle Access Manager (OAM). The customer now wants a new portlet added to the home page to display the employee's salary details. The portlet will obtain the information through a call to an internally exposed web service. Your customer has defined the following security requirements for the new portlet:
1. Employees must be authenticated through risk-based authentication before they can access the portal.
2. The web service must be secured from unauthenticated calls.
3. All security logic for the web service must be external to the web service.
4. The web service should return salary details only if the user's authentication risk score is below 500.
Which four steps must you perform to meet the requirements for the new portlet?
A. Deploy Oracle Adaptive Access Manager (OAAM) and integrate it with OAM, setting OAAM as the authentication scheme.
B. Configure Oracle Web Services Manager (OWSM) on the portal container to generate a security token.
C. Configure a cookie response in OAM to set the risk score into a cookie called HTTP_RISK_SCORE.
D. Enable Identity Assertion propagation in the OAM policy.
E. Configure OWSM to call OAAM to obtain the risk score.
F. Configure an OWSM policy to protect the web service, consume the security token, and evaluate the risk score.
Which authentication scheme is the preferred option for integrating OAM with OAAM in 11gR2?
A. OAAMBasic authentication scheme
B. TAPScheme authentication scheme
C. OAAMAdvanced authentication scheme
D. LDAPScheme authentication scheme
What is the role of a user data store in Oracle Identity Federation (OIF) 11g when it is configured as an Identity Provider (IdP)? (Choose the best answer.)
A. Oracle Identity Federation uses the repository to map the information in received assertions to user identities at the destination.
B. When creating a new federation, Oracle Identity Federation uses the repository to identify a user and link the new federation to that user's account.
C. Oracle Identity Federation uses the repository to authorize users for access to protected resources.
D. Oracle Identity Federation uses the repository to verify user identities and to build protocol assertions.
You are configuring Oracle Entitlements Server (OES) and have a requirement to make a connection to an external Policy Information Point (PIP) in order to retrieve an attribute for use in a condition.
You need to modify the security module configuration to configure the PIP. Which two options do you have for making this modification?
A. Configure the PIP settings in your OES policy and distribute it to each security module as part of the policy distribution.
B. Manually edit the jps-config.xml file on each security module.
C. Use the OES admin console to define the PIP settings and write them to a database for each security module to retrieve during bootstrap.
D. Use the SMConfig UI to configure the settings.
Identify two settings in the Authentication Scheme definition of Oracle Access Manager 11g.
A. Authentication Password
B. Challenge Method
C. Authentication Level
D. Error Message
E. Authentication Id
When managing Token Issuance conditions and rules in Security Token Service, who is granted access to a requested resource through the Allow type rule?
A. Only partners are granted access; everyone else is denied access to the resource.
B. Only the partners and users listed in a condition are granted access; everyone else is denied access to the resource.
C. Users listed in a condition are granted access; everyone else is denied access to the resource.
D. Only Relying Party Partners are granted access; everyone else is denied access to the resource.
You have configured a new pattern in Oracle Adaptive Access Manager (OAAM) to capture login times of devices. Your customer wants to ensure that devices that are used outside their normal times are blocked.
After creating your pattern, which two additional steps must you perform to configure OAAM to meet this requirement?
A. Create a transaction definition for the pattern.
B. Create a new rule in an existing policy that contains an appropriate condition to evaluate your new pattern.
C. Link your chosen policy to the appropriate user groups.
D. Configure a block action for your new rule.
E. Restart the OAAM Managed Server for the pattern to take effect.
What is the purpose of the extractMovePlan Script when moving an Oracle Access Management environment from to production?
A. It extracts configuration information from the archive created on the source environment into XML files, which can be edited for the destination environment.
B. It extracts the binary files from the archive created on the source environment into the destination environment.
C. It extracts the configuration files from the archive created on the source environment into the destination environment.
D. It extracts the distribution at a mount point.
Identify two ways in which you can specify trusted Identity Provider (IdP) partners while configuring Service Providers (SP) in Oracle Access Management Identity Federation.
A. Manually create a new IdP configuration and fill the form with all attributes.
B. Import the metadata file generated from an IdP deployment to create a new Identity Provider configuration.
C. Automatic discovery of an IdP populates the configuration data.
D. A request can be broadcast to all IdPs, and the one that matches returns its configuration data, which is then populated.
E. A sample XML configuration file is provided, which needs to be modified, and the Server needs to be restarted.