There is an SSL connectivity issue between the IBM Security Access Manager V9.0 Reverse Proxy and the backend business application.
Which Two troubleshooting commands under Tools in the application SSH interface can be used to validate the Reverse Proxy can successfully connect to the backend host: secure-port? (Choose two.)
A. Ping
B. Session
C. Connect
D. Traceout
E. Connections
Which web resource should be used to keep up to date on support flashes, fixpack announcements, and other product related issues?
A. The IBM Support Portal
B. The IBM Security twitter account
C. The LinkedIn IBM Security Access Manager V9.0 Group
D. The IBM devWorks IBM Security Access Manager V9.0 Forum
The IBM Security Access Manager (ISAM) V9.0 deployment professional tries to login to the LMI and discovers user "admin" no longer works, even though the correct password is also provided. The iSAM deployment professional must use "admin@local".
What ISAM application configuration change has occured to cause this behavior?
A. The LMI certificate has expired.
B. The LMI Dashboard was incorrectly configured.
C. Management Authorization has been configured.
D. Management Authentication has been configured.
The Distributed Session Cache has been enabled to replace the Session Management Server in a recently migrated IBM Security Access Manager V9.0 environment. Several Reverse Proxies have not yet been migrated from ISAM V7.0. The help desk is now receiving user complaints due to multiple logins required for applications protected by the ISAM V7.0 Reverse Proxies.
Which Distributed Session Cache option should be checked?
A. enable_sms-functionality
B. provide_700_attribute_ids
C. Replicate certificate databases
D. Support internal and external clients
The request in a customer environment is IDP Initiated unsolicited SSO. The initial URL is:
https://POCIDP/FIM/sps/saml2idp/saml20/loginitial?
RequestBinding =HTTPPostandPartnerId= https://POCSP/isam/sps/abc/saml20andNameIdFormat =Email
The POCIDP is Point of Contact for Identity Provider and POCSP is Point of Contact for Service Provider.
The customer wants to configure TargetURL within the Service Provider Federation configuration in IBM
Security Access Manager V9.0.
What will satisfy this requirement?
A. poc.sigin.responseTargetURL
B. Target_URL in the mapping rule
C. Federation Runtime property TargetURL
D. itfim_override_targeturl_attr in the mapping rule
An Access Manager environment utilizing failover coolies was recently upgraded from TAM 6.1.1 to IBM Security Access MANAGER (ISAM) V9.0. The deployment professional wants to take advantage of the Distributed Session Cache.
What are two advantages of the DSC verses failover coolies? (Choose two.)
A. Utilizes SHA2 encryption keys
B. Central administration of sessions
C. Concurrent session policy enforcement
D. Additional session cookie increasing security
E. Extra attributes passed in the session cookie
The IBM Security Access Manager (ISAM) V9.0 deployment professional has recently discovered an entire deployment of over 100 junctions was performed incorrectly.
How can a repair operation be scripted for this, and future deployment personnel?
A. Use the CLI SSH interface, navigating to isam-> admin and authenticating as sec_master.
B. Use a text editor and create the correct junction XML files, then import them using the LMI.
C. Use the LMI Secure Web Settings-> Reverse Proxy-> Manage-> Junction Management interface.
D. Use the REST API interface https://{appliance_hostname}/isam/pdadmin, JSON files and the CURL utility.
Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?
A. QNX
B. Hyper-V
C. VMware ESXi
D. RHEL Workstation
An IBM Security Access Manager V9.0 deployment professional needs to create the HTTP-Tag-Value attribute to pass values to a backend server as headers.
How can this be done?
A. By creating an HTTP rule which is attached to the ACL
B. By creating an AuthzRule which pulls the header from the ADI
C. By creating an extended attribute on a POP protecting the junction
D. By creating an extended attribute on the junction protected object
The IBM Security Access Manager system V9.0 deployment professional is planning to use a WebSEAL cluster in order to simplify the ongoing management of the system.
Which statement is correct about using a WebSEAL cluster?
A. All members of a WebSEAL cluster must be members of the same appliance cluster.
B. Members of a WebSEAL cluster are not required to be members of the same appliance cluster.
C. Junction definition updates to any reverse proxy will be replicated to all other members of the WebSEAL cluster.
D. Junction definition updates to the WebSEAL cluster master must be manually copied to all other members of the WebSEAL cluster.