
IBM 000-003

Version

QUESTION NO: 1
The Information Security department is using a paper-based approval process to
grant user access to applications and systems. Internal audit has revealed that
some of the user accesses were altered without proper approvals. The customer wants
to implement a solution that will report on unauthorized user access modification
and modify the user access to original state. Which IBM Tivoli product will be
recommended?

A. IBM Tivoli Identity Manager
B. IBM Tivoli Compliance Insight Manager
C. IBM Tivoli Access Manager for Operating Systems
D. IBM Tivoli Application Dependency Discovery Manager
Answer: A

QUESTION NO: 2
Which is the best strategy for implementing security solutions in an enterprise?

A. always buy security products and solutions from a single vendor
B. for optimal performance, do not disturb security solutions once they are
deployed
C. use only IBM Tivoli security products as they satisfy all the security
requirements of any enterprise
D. if necessary, integrate third-party security products with IBM solutions to get
an end-to-end security solution
Answer: D

QUESTION NO: 3
Which security capability is most closely associated with the customer business
process "deployment of new or updated application initiatives"?

A. firewalls, because they protect the deployed applications from attack
B. PKI, because it makes it easy to drive single sign-on to the deployed
applications
C. compliance management, because it guarantees the application will be running in
a safe environment
D. callable authentication and access services, because they eliminate the need to
include authentication and access code in the applications
Answer: D

QUESTION NO: 4
A customer has resources being managed in different facilities. When a security
solution is configured, what is the most important element to consider in the
design of the system?

A. use of a fiber optic backbone
B. the encryption protocol to be used
C. the time zone in which each facility is located
D. configuration of firewalls in the internal network
Answer: D

QUESTION NO: 5
Which two actions need to be accomplished during an initial meeting with the
customer when reviewing a company organizational chart? (Choose two.)

A. Identify key decision makers.
B. Examine the budget constraints.
C. Document the key players and their roles.
D. Determine which products are to be used.
E. Provide a detailed analysis of the current customer configuration.
Answer: A,C

QUESTION NO: 6
An organization requires that all users have anti-virus software installed and
active on their respective workstations at all times. However, they find they do
not have an automated way to check whether users conform to this requirement. Which
IBM Tivoli solution can help the organization automate these checks?

A. IBM Tivoli Access Manager
B. IBM Tivoli Identity Manager
C. IBM Tivoli User Administration
D. IBM Tivoli Security Compliance Manager
Answer: D

QUESTION NO: 7
IBM is using Value Unit Pricing methodology and charges metric for program license
entitlements, which is based upon the quantity of a specific designated measurement
used for a given program. What are three valid Value Units? (Choose three.)

A. UVU - User Value Units
B. SVU - Server Value Units
C. CVU - Cluster Value Units
D. NVU - Network Value Units
E. RVU - Resource Value Units
F. PVU - Processor Value Units
Answer: A,E,F

QUESTION NO: 8
Which IBM Tivoli solution can help increase customer revenue and achieve cost
savings?

A. run partner applications with IBM Tivoli Directory Server
B. control workflow across enterprises with IBM Tivoli Identity Manager
C. secure interactions with partner Web sites using IBM Tivoli Federated Identity
Manager
D. provide an application development platform with IBM Tivoli Access Manager for
e-business
Answer: C

QUESTION NO: 9
A customer needs to have a federated single sign-on with a requirement not to have
any user identifiable information transmitted between parties. Which two protocols
supported by IBM Tivoli Federated Identity Manager fulfill this requirement?
(Choose two.)
A. SAML V1.0
B. Liberty V1.2
C. Liberty V1.1
D. WS-Federation
E. WS-Provisioning
Answer: B,C

QUESTION NO: 10
Which two business goals are accomplished through the implementation of a
successful automated security management process? (Choose two.)

A. reduce impact of threats
B. increase data availability
C. increase data duplication
D. eliminate any risk of frauds
E. reduce the cost of ownership
Answer: A,E

QUESTION NO: 11
The current requirements specification document for a project dictates that a
report be available to show a company's workstation and server security policy
violations. Which IBM Tivoli solution can address this requirement?

A. IBM Tivoli Identity Manager
B. IBM Tivoli Federated Identity Manager
C. IBM Tivoli Security Compliance Manager
D. IBM Tivoli Access Manager for e-business
Answer: C

QUESTION NO: 12
Given a directory service architecture made up of directory proxies frontends and
directory servers backends, which statement is true about a distributed directory
configuration on proxies?

A. Directory proxies must be configured to point to a single partition defined on
multiple directory backend servers.
B. Directory backend servers must be configured in a master-consumer configuration
to provide a distributed directory.
C. Directory backend servers must be configured in a peer-peer (master-master)
configuration to provide a distributed directory.
D. Directory proxies must be configured to point to the partitions that make up the
distributed directory defined on multiple directory backend
servers.
Answer: D

QUESTION NO: 13
What is the most common event collection method used by IBM Tivoli Compliance
Insight Manager?

A. Agent
B. Event
C. Batch
D. Timed
Answer: C

QUESTION NO: 14
A customer says: "We are going through the latest big initiative right now. The
focus is on the time to market with new, bigger, and better Web-based business
applications. We have no time for implementing stronger security and we do not see
how you can help us with this." What is the primary security requirement indicated
by the customer's statement?

A. Standards-based federated identity management tools are required.
B. User management and provisioning can help this customer achieve more efficient
and effective processes.
C. Strong risk management infrastructure will eliminate the need for security in
these applications, allowing the focus to be on business logic.
D. More consistent authentication and authorization service-oriented architecture
is needed for the applications, saving application development
time.
Answer: D

QUESTION NO: 15
Which three aspects of audit/compliance can be addressed by IBM Tivoli security
solutions? (Choose three.)

A. security of servers
B. audit of user identities/accounts
C. physical building access security
D. compliancy of a financial application
E. audit of security of business partners
F. audit of access control (policy and actuals)
Answer: A,B,F

QUESTION NO: 16
What is provisioning a user?

A. assigning that user accounts needed to fulfill the assigned roles
B. defining the user (with all specific attributes) in all the directories,
registries, databases, and files for the business' applications
C. keeping information about the user (state information) keyed to their session,
so that an allowance can be made for single sign-on,
personalization, and so on.
D. ensuring, through dynamic allocation of resources, that there is always enough
processing power in place to meet service level agreements for
that user
Answer: A

QUESTION NO: 17
The solution advisor is analyzing the customer's business processes and trying to
come up with corresponding security requirements related to authorization. The most
comprehensive checklist for targets for which IBM Tivoli Access Manager for
e-business can provide authorization includes: URLs, Java server pages, servlets,
EJBs (programmatic, declarative), .NET targets (programmatic, declarative), and
C/C++ programs. Which two options will be included on this checklist? (Choose two.)

A. UNIX security
B. RACF security
C. BEA J2EE targets
D. client-server applications
E. WebSphere Portal portlets
Answer: C,E

QUESTION NO: 18
The solution advisor is documenting a recommended future direction for a current
customer of IBM Tivoli identity, access, risk and compliance solutions. The
customer has implemented IBM Tivoli Identity Manager, IBM Tivoli Access Manager for
e-business, IBM Tivoli Compliance Insight Manager, and IBM Tivoli Security
Compliance Manager. This customer has solved several security exposures and
realizes the efficiencies and efficacy of integrated, enterprise-level security
within their enterprise. It is clear that a natural evolution for this customer is
to consider many of the same security services across enterprise boundaries. Which
three statements are true about the security of cross-enterprise transactions?
(Choose three.)

A. IBM Tivoli Federated Identity Manager is an appropriate investment for this
customer.
B. The key technology in any cross-enterprise configuration is enterprise content
filtering technology.
C. Any recommended approach must be based on Worldwide Federated Data Interchange
standards.
D. They can cover the cross-enterprise case simply by using cross-enterprise
options for the IBM Tivoli security products they already have.
E. The preferred route for addressing secure cross-enterprise (federated)
transactions is to base your approach on emerging Web services
architecture and standards.
F. A service-oriented architecture approach allows significant business expansion
with relatively minor investment, and securing this architecture
in a Web services standards-based fashion is critical to success.
Answer: A,E,F

QUESTION NO: 19
What are two permitted uses of IBM Tivoli Directory Integrator (Tivoli Directory
Integrator), Identity Edition? (Choose two.)

A. Tivoli Directory Integrator is used to transform sales data in flat files and
update records in a DB2 database.
B. Tivoli Directory Integrator is used to propagate user information managed in
Lotus Domino automatically to Active Directory when changes are
detected.
C. Tivoli Directory Integrator is used to read information from LDAP, RACF, and
DB2, and maintain all of these users in a new LDAP directory
used by Portal to authenticate users.
D. Tivoli Directory Integrator is used to monitor an Enterprise Service Bus for
certain messages, and then perform operations on databases or
other targets that Tivoli Directory Integrator supports.
E. The customer uses Remedy in a business unit, and needs to drive certain tickets
into Rational ClearQuest. Tivoli Directory Integrator is used to
add information about the ticket owner - located in an LDAP directory - to the
tickets that are inserted into ClearQuest.
Answer: B,C

QUESTION NO: 20
A business partner of IBM, specializing in security products, is interested in
setting up a specific system configured to simulate a few common network services.
They want to intentionally leave it exposed to the external network access, in
order to attract would-be attackers and study their attack patterns. Which term is
used to denote such a system?

A. Proxy
B. Honeypot
C. Web Server
D. Bastion Host
Answer: B

QUESTION NO: 21
What is an indication that the deployment of IBM Tivoli Identity Manager has
reached its maturity phase?

A. All significant applications are covered.
B. Password synchronization is implemented.
C. Role-based access control is fully implemented.
D. Full workflow for account management is implemented and the organizational tree
is established.
Answer: C

QUESTION NO: 22
Which security token may carry user attribute information as part of the defined
token format?

A. Kerberos
B. RACF Token
C. SAML Assertion
D. Username Token
Answer: C

QUESTION NO: 23
A recent security audit discovered an unauthorized access to a database on a UNIX
server by a system administrator. Which IBM Tivoli product is capable of enforcing
configured security policies so that system administrators cannot get unauthorized
access to the database on a UNIX server?

A. IBM Tivoli Compliance Insight Manager
B. IBM Tivoli Access Manager for RDBMS
C. IBM Tivoli Access Manager for e-business
D. IBM Tivoli Access Manager for Operating Systems
Answer: D

QUESTION NO: 24
What is the most common impediment to designing an automated security solution?

A. an unreliable connection to remote systems
B. too many firewalls between managed systems
C. an application interface that is unavailable on managed systems
D. nonstandard encryption protocols used for secure communications
Answer: C

QUESTION NO: 25
A customer's write-up on business processes includes a description of handling
requests for new user identities or changes to identities. These processes are
handled in different ways by different disciplines. For example, there is an RACF
team to handle processing of RACF identities and a UNIX team to handle processing
of UNIX identities. From a process standpoint, all these processes are documented.
They all involve assessments and approval processes. The customer seems fairly
happy with how these processes are running. However, they are receiving complaints
that the process of issuing identities and updating identities is slow. Which two
value propositions might be presented to this customer that relate to their
situation? (Choose two.)

A. Introducing intrusion detection will help the customer more quickly understand
if their various disciplines are under attack.
B. Automating the user provisioning processes can shorten the provisioning cycle,
increase satisfaction, and reduce help desk calls.
C. Managing the user provisioning processes with an enterprise-spanning solution
offers efficiencies and increases effectiveness.
D. Using automation to synchronize user information across platforms will reduce
erroneous information and improve business and application
processing.
E. Keeping these processes separate and distinct allows them to be focused on
individually and have process improvements that are particular to
each involved area (RACF, UNIX, and so on).
Answer: B,D

QUESTION NO: 26
Which two steps are performed by IBM Tivoli Identity Manager Middleware
Configuration Utility? (Choose two.)

A. installs and configures DB2 and TDS
B. creates user accounts for WebSphere
C. installs TDS referential integrity plug-in
D. creates user accounts for DB2 and TDS.
E. creates organizational structure contained in the authoritative source
Answer: A,D

QUESTION NO: 27
A customer is using IBM Tivoli Security Compliance Manager. They know which
servers/desktops are in compliance and which are not. Non-compliant servers/desktop
owners are notified of the steps they need to take to achieve compliance. Which two
additional actions further enhance the customer's security process maturity level?
(Choose two.)

A. removing users' accounts until they can demonstrate compliance
B. removing Web single sign-on until users can demonstrate their machines are in
compliance
C. encrypting select files on offending server/desktop systems' disks, until they
can demonstrate compliance
D. providing a "sentry" service that prevents non-compliant machines from
connecting to the network, until they achieve compliance
E. offering push-button compliance options, thereby simplifying the steps users
must take to get their non-compliant servers/desktops in
compliance
Answer: D,E

QUESTION NO: 28
Which security standard implemented by IBM Tivoli Access Manager for e-business
requires the use of TLSv1 for encryption?

A. PCI
B. SOX
C. FIPS
D. HIPAA
Answer: C

QUESTION NO: 29
Which activity is performed by IBM Tivoli Access Manager for Enterprise Single
Sign-on?

A. delivers access from fixed end point
B. user must pass strong authentication even in case of emergency
C. enables administrators to produce reports on who has access to what
D. provides real-time implementation of access security policies for users and
applications
Answer: D

QUESTION NO: 30
A good user management process includes the following tasks:
- receive new user identity requests
- receive requests for changes to user identities
- use access policies to evaluate requests
- gather approvals
- place users in groups
- update accounts
- synchronize passwords
Which additional step is essential in a good user management process?

A. back up directory information
B. check that existing accounts are valid
C. verify user management process ownership
D. grant or block access to programs based on access policy
Answer: B

QUESTION NO: 31
Which IBM Tivoli product, part of the zSecure suite, provides integrated
remediation for IBM Tivoli zSecure Audit?

A. IBM Tivoli zSecure Alert
B. IBM Tivoli zSecure Admin
C. IBM Tivoli Enterprise Console
D. IBM Tivoli zSecure Operations Manager
Answer: B

QUESTION NO: 32
A customer has a requirement to provide auditors with a list of all failed attempts
to access their Web-based applications. Which IBM Tivoli product satisfies this
auditing requirement?

A. IBM Tivoli Identity Director
B. IBM Tivoli Identity Manager
C. IBM Tivoli Security Compliance Manager
D. IBM Tivoli Access Manager for e-business
Answer: D

QUESTION NO: 33
Which information should a security advisor provide the customer when recommending
IBM Tivoli Compliance Insight Manager?

A. IBM will provide legal, accounting, or auditing advice.
B. Customers are responsible for ensuring their own compliance with various laws.
C. IBM warrants that its products or services will ensure that the customer is in
compliance with the law.
D. IBM only ensures that customers will be in compliance with Gramm-Leach-Bliley
Act, Sarbanes-Oxley Act, and Health Insurance Portability and
Accountability Act.
Answer: B

QUESTION NO: 34
Which two standard-based interoperabilities does IBM Tivoli Security Policy Manager
deliver? (Choose two.)

A. SOX, HIPAA, ISO 27001, and GLBA
B. XML structure or WebSphere Plug-in
C. XACML standard for entitlements management
D. WS-Policy, WS-Security Policy for SOA security
E. SAML 1.0, WS-Federation, Liberty 1.1, and WS-Provisioning
Answer: C,D

QUESTION NO: 35
What are two main challenges IBM Tivoli zSecure Admin addresses? (Choose two.)

A. Higher risk exposure
B. Increase compliance
C. Decrease complexity
D. Increase IT investments
E. Reduce operational costs
Answer: C,E

QUESTION NO: 36
Which information should a customer's baseline document include?

A. description of IT organization and environment
B. list of all user IDs and passwords in the enterprise
C. comprehensive list of all audited elements in the network
D. detailed description of the customer's original network configuration
Answer: A

QUESTION NO: 37
Which specification has completed the OASIS standardization process as of July,
2009?

A. WS-Policy
B. WS-Security
C. WS-Federation
D. WS-SecureConversation
Answer: B

QUESTION NO: 38
What is the objective of documenting the business and IT organizational structure
of a company?

A. It helps the solution advisor identify the number of products that need to be
deployed.
B. This step is essential to identify key areas of the business processes that
relate to security.
C. It indicates the approximate number of licenses required for each product the
company purchases.
D. The business organizational structure must match certain specifications for the
product to be usable.
Answer: B

QUESTION NO: 39
A client has the following requirements:
a. Provide Web single sign-on (SSO) to SAP NetWeaver Application and J2EE based
in-house developed intranet Web applications running on WebSphere application
server.
b. Centrally manage user ID provisioning to CUA enabled SAP NetWeaver Application.
c. User Password Synchronization between active directory and AIX servers.
Which IBM Tivoli bundle will meet all of the client requirements?

A. IBM Tivoli Unified SSO
B. IBM Tivoli Unified Access Manager
C. IBM Tivoli Identity and Access Manager
D. IBM Tivoli Identity and Access Assurance
Answer: C

QUESTION NO: 40
In security solution design development, when is the business and IT organizational
structure map documented?

A. when establishing the customer's baseline for planning purposes
B. when identifying opportunities for business partner security offerings
C. when evaluating the customer's IT processes, people and technologies
D. when defining a long-term vision for the future direction of the customer's
security solutions
Answer: A

QUESTION NO: 41
What are three main reasons to implement a Security Incident Event Management
Solution such as IBM Tivoli Security Information and Event Manager? (Choose three.)

A. Track and enforce security policies in the DMZ.
B. Have a global reporting tool for hackers' attacks.
C. Investigate policy violations and security breaches.
D. ability to monitor the availability of security systems
E. Demonstrate effectiveness of the overall enterprise security program.
F. Identify and prioritize most serious security issues that need response.
Answer: C,E,F

QUESTION NO: 42
What are two benefits of having IBM Tivoli Key Lifecycle Manager solution in place
within a customer environment? (Choose two.)

A. user tokens life-cycle management
B. improved authentication management
C. centralized password and token management
D. helps minimize the risk of loss of sensitive information
E. centralizes and automates the encryption key management process
Answer: D,E

QUESTION NO: 43
Which statement best describes IBM Tivoli Security Compliance Manager (Tivoli
Security Compliance Manager)?

A. Tivoli Security Compliance Manager analyzes system, middleware and network
devices security controls, and parameters according to a
configurable schedule.
B. Tivoli Security Compliance Manager analyzes system, middleware and network
devices security logs against a given security policy, and
provides deviations.
C. Tivoli Security Compliance Manager extracts system, middleware and network
devices security controls and parameters, compares them
against a given security policy and provides deviations.
D. Tivoli Security Compliance Manager extracts system, middleware and network
devices security controls, and parameters, compares them
against a given security policy, and provides a qualitative risk evaluation report.
Answer: C

QUESTION NO: 44
The customer has a clear security requirement for single sign-on (SSO). They want
SSO for their Web applications, for their client-server applications, and for a
significant number of cross-enterprise SOAP-based interactions with 10 of their key
business partners. Which statement is true about how IBM product(s) can meet this
customer's security requirements?

A. IBM Tivoli Access Manager for e-business can handle all these requirements.
B. IBM Tivoli Access Manager for e-business addresses SSO for Web applications, IBM
Tivoli Identity Manager, and IBM Tivoli Directory Integrator
Web Service Receiver Server Connector can handle all the remaining requirements.
C. IBM Tivoli Access Manager for e-business addresses SSO for Web applications. IBM
Tivoli Federated Identity Manager, working with IBM Tivoli
Access Manager, can handle SSO for the cross-enterprise Business Partner
interactions. There is no technology that properly handles
client-server application SSO.
D. IBM Tivoli Access Manager for e-business addresses SSO for Web applications. IBM
Tivoli Federated Identity Manager, working with IBM Tivoli
Access Manager, can handle SSO for the cross-enterprise Business Partner
interactions. IBM Tivoli Access Manager for Enterprise SSO can
handle client-server SSO.
Answer: D

QUESTION NO: 45
Which two Web sites contain information about solutions and examples of IBM Tivoli
product implementations? (Choose two.)

A. IBM Redbooks Web site
B. IBM Tivoli Support Web site
C. IBM Global Campus Web site
D. IBM Global Services Web site
E. IBM developerWorks Web site
Answer: A,E

QUESTION NO: 46
Who must approve a requirements specification?

A. the customer and the sales team
B. the customer and the implementation team
C. the implementation team and the sales team
D. the implementation team and the product support team
Answer: B

QUESTION NO: 47
All persons entering a corporation are required to swipe their employee badges to
get access to the building. Which procedure, if implemented, will prove to be a
stronger form of authentication than the current one?

A. Each employee inputs a unique user ID and password on a terminal to unlock the
door.
B. Each employee is given a key to the building, which they should not share with
others.
C. A security guard is deployed at the building entrance to check the identity of
each person requesting entrance.
D. The fingerprints of employees are scanned before they enter and are compared
with those recorded in a centralized database.
Answer: D

QUESTION NO: 48
Which IBM Tivoli security product provides single sign-on (SSO) support for both
UNIX Telnet and host-based mainframe applications?

A. IBM Tivoli Identity Manager
B. IBM Tivoli Federated Identity Manager
C. IBM Tivoli Access Manager for e-business
D. IBM Tivoli Access Manager for Enterprise SSO
Answer: D

QUESTION NO: 49
A client wants to use CAPTCHA authentication for their Web application access over
the internet. Which WebSEAL authentication method will meet the needs of the
client?

A. Token Authentication
B. Internal Authentication
C. External Authentication
D. Step-Up Authentication
Answer: C

QUESTION NO: 50
For which item are business rules catalogs effective in gathering requirements?

A. user registry layout
B. password strength policies
C. user interaction with the system
D. administrator interaction with the system
Answer: B

QUESTION NO: 51
When the Open Group certifies an IBM product, which advantage does the
certification bring to IBM?

A. IBM can begin to publish certification exam tests of that product.
B. IBM has international license to position the product as IBM certified.
C. IBM can begin to sell the product world-wide without legal restrictions.
D. IBM has a stamp of approval guaranteeing the interoperability of the certified
aspect of the product.
Answer: D

QUESTION NO: 52
Which two options are enabled by IBM Tivoli Security Operations Manager? (Choose
two.)

A. Automated Log Aggregations
B. Incident Tracking and Handling
C. Secure Centralized Management
D. Automated Centralized Data Retention
E. Secure Multi-platform Administration and Configuration
Answer: A,B

QUESTION NO: 53
Good workflow capability is a sign of maturity related to which aspect of security?

A. provisioning
B. authorization
C. authentication
D. new initiative deployment
Answer: A

QUESTION NO: 54
Which network client software collects policy data from collectors and summarizes
this data to provide its version information and the number of policy violations
that form the posture credentials to the CISCO Trust Agent client software?

A. CISCO Access Control Server
B. CISCO Trust Agent running on the network client system
C. Remediation Manager client running on the network client system
D. IBM Tivoli Security Compliance Manager client running on the network client
system
Answer: D

QUESTION NO: 55
In the meetings with a company's key players, information is gathered on the
company's operating system environments. It is discovered that the customer relies
on native operating system security to secure access to these systems. This
information will help in developing a baseline document describing the customer's
current security design. What are three security gaps that result from the use of
native operating system security? (Choose three.)

A. user management
B. centralized auditing
C. group management
D. network access control
E. password management
F. file system management
Answer: A,B,C
