QUESTION NO: 1
The Information Security department is using a paper-based approval process to
grant user access to applications and systems. Internal audit has revealed that
some of the user accesses were altered without proper approvals. The customer wants
to implement a solution that will report on unauthorized user access modification
and modify the user access to original state. Which IBM Tivoli product will be
recommended?
QUESTION NO: 2
Which is the best strategy for implementing security solutions in an enterprise?
QUESTION NO: 3
Which security capability is most closely associated with the customer business
process "Deployment of new or updated application initiatives"?
QUESTION NO: 4
A customer has resources being managed in different facilities. When a security
solution is configured, what is the most important element to consider in the
design of the system?
QUESTION NO: 6
An organization requires that all users have anti-virus software installed and
active on their respective workstations at all times. However, they find they do
not have an automated way to check whether users conform to this requirement. Which
IBM Tivoli solution can help the organization automate these checks?
QUESTION NO: 7
IBM is using Value Unit Pricing methodology and charges metric for program license
entitlements, which is based upon the quantity of a specific designated measurement
used for a given program. What are three valid Value Units? (Choose three.)
QUESTION NO: 8
Which IBM Tivoli solution can help increase customer revenue and achieve cost
savings?
QUESTION NO: 9
A customer needs to have a federated single sign-on with a requirement not to have
any user identifiable information transmitted between parties. Which two protocols
supported by IBM Tivoli Federated Identity Manager fulfill this requirement?
(Choose two.)
A. SAML V1.0
B. Liberty V1.2
C. Liberty V1.1
D. WS-Federation
E. WS-Provisioning
Answer: B,C
QUESTION NO: 10
Which two business goals are accomplished through the implementation of a
successful automated security management process? (Choose two.)
QUESTION NO: 11
The current requirements specification document for a project dictates that a
report be available to show a company's workstation and server security policy
violations. Which IBM Tivoli solution can address this requirement?
QUESTION NO: 12
Given a directory service architecture made up of directory proxies frontends and
directory servers backends, which statement is true about a distributed directory
configuration on proxies?
QUESTION NO: 13
What is the most common event collection method used by IBM Tivoli Compliance
Insight Manager?
A. Agent
B. Event
C. Batch
D. Timed
Answer: C
QUESTION NO: 14
A customer says: "We are going through the latest big initiative right now. The
focus is on the time to market with new, bigger, and better Web-based business
applications. We have no time for implementing stronger security and we do not see
how you can help us with this." What is the primary security requirement indicated
by the customer's statement?
QUESTION NO: 15
Which three aspects of audit/compliance can be addressed by IBM Tivoli security
solutions? (Choose three.)
A. security of servers
B. audit of user identities/accounts
C. physical building access security
D. compliancy of a financial application
E. audit of security of business partners
F. audit of access control (policy and actuals)
Answer: A,B,F
QUESTION NO: 16
What is provisioning a user?
QUESTION NO: 17
The solution advisor is analyzing the customer's business processes and trying to
come up with corresponding security requirements related to authorization. The
most comprehensive checklist
for targets for which IBM Tivoli Access Manager for e-business can provide
authorization includes: URLs, Java server pages, servlets, EJBs (programmatic,
declarative), .NET targets (programmatic, declarative), and C/C++ programs. Which
two options will be included on this checklist? (Choose two.)
A. UNIX security
B. RACF security
C. BEA J2EE targets
D. client-server applications
E. WebSphere Portal portlets
Answer: C,E
QUESTION NO: 18
The solution advisor is documenting a recommended future direction for a current
customer of IBM Tivoli identity, access, risk and compliance solutions. The
customer has implemented IBM Tivoli Identity Manager, IBM Tivoli Access Manager for
e-business, IBM Tivoli Compliance Insight Manager, and IBM Tivoli Security
Compliance Manager. This customer has solved several security exposures and
realizes the efficiencies and efficacy of integrated, enterprise-level security
within their enterprise. It is clear that a natural evolution for this customer is
to consider many of the same security services across enterprise boundaries. Which
three statements are true about the security of cross-enterprise transactions?
(Choose three.)
QUESTION NO: 19
What are two permitted uses of IBM Tivoli Directory Integrator (Tivoli Directory
Integrator), Identity Edition? (Choose two.)
A. Tivoli Directory Integrator is used to transform sales data in flat files and
update records in a DB2 database.
B. Tivoli Directory Integrator is used to propagate user information managed in
Lotus Domino automatically to Active Directory when changes are
detected.
C. Tivoli Directory Integrator is used to read information from LDAP, RACF, and
DB2, and maintain all of these users in a new LDAP directory
used by Portal to authenticate users.
D. Tivoli Directory Integrator is used to monitor an Enterprise Service Bus for
certain messages, and then perform operations on databases or
other targets that Tivoli Directory Integrator supports.
E. The customer uses Remedy in a business unit, and needs to drive certain tickets
into Rational ClearQuest. Tivoli Directory Integrator is used to
add information about the ticket owner - located in an LDAP directory - to the
tickets that are inserted into ClearQuest.
Answer: B,C
QUESTION NO: 20
A business partner of IBM, specializing in security products, is interested in
setting up a specific system configured to simulate a few common network services.
They want to intentionally leave it exposed to the external network access, in
order to attract would-be attackers and study their attack patterns. Which term is
used to denote such a system?
A. Proxy
B. Honeypot
C. Web Server
D. Bastion Host
Answer: B
QUESTION NO: 21
What is an indication that the deployment of IBM Tivoli Identity Manager has
reached its maturity phase?
QUESTION NO: 22
Which security token may carry user attribute information as part of the defined
token format?
A. Kerberos
B. RACF Token
C. SAML Assertion
D. Username Token
Answer: C
QUESTION NO: 23
A recent security audit discovered an unauthorized access to a database on a UNIX
server by a system administrator. Which IBM Tivoli product is capable of enforcing
configured security policies so that system administrators cannot get unauthorized
access to the database on a UNIX server?
QUESTION NO: 24
What is the most common impediment to designing an automated security solution?
QUESTION NO: 25
A customer's write-up on business processes includes a description of handling
requests for new user identities or changes to identities. These processes are
handled in different ways
by different disciplines. For example, there is an RACF team to handle processing
of RACF identities and a UNIX team to handle processing of UNIX identities. From a
process standpoint, all these processes are documented. They all involve
assessments and approval processes. The customer seems fairly happy with how these
processes are running. However they are receiving complaints that the process of
issuing identities and updating identities is slow. Which two value propositions
might be presented to this customer that relate to their situation? (Choose two.)
A. Introducing intrusion detection will help the customer more quickly understand
if their various disciplines are under attack.
B. Automating the user provisioning processes can shorten the provisioning cycle,
increase satisfaction, and reduce help desk calls.
C. Managing the user provisioning processes with an enterprise-spanning solution
offers efficiencies and increases effectiveness.
D. Using automation to synchronize user information across platforms will reduce
erroneous information and improve business and application
processing.
E. Keeping these processes separate and distinct allows them to be focused on
individually and have process improvements that are particular to
each involved area (RACF, UNIX, and so on).
Answer: B,D
QUESTION NO: 26
Which two steps are performed by IBM Tivoli Identity Manager Middleware
Configuration Utility? (Choose two.)
QUESTION NO: 27
A customer is using IBM Tivoli Security Compliance Manager. They know which
servers/desktops are in compliance and which are not. Non-compliant server/desktop
owners are notified of the steps they need to take to achieve compliance. Which two
additional actions further enhance the customer's security process maturity level?
(Choose two.)
QUESTION NO: 28
Which security standard implemented by IBM Tivoli Access Manager for e-business
requires the use of TLSv1 for encryption?
A. PCI
B. SOX
C. FIPS
D. HIPAA
Answer: C
QUESTION NO: 29
Which activity is performed by IBM Tivoli Access Manager for Enterprise Single
Sign-on?
QUESTION NO: 30
A good user management process includes the following tasks:
- receive new user identity requests
- receive requests for changes to user identities
- use access policies to evaluate requests
- gather approvals
- place users in groups
- update accounts
- synchronize passwords
Which additional step is essential in a good user management process?
QUESTION NO: 31
Which IBM Tivoli product, part of the zSecure suite, provides integrated
remediation for IBM Tivoli zSecure Audit?
QUESTION NO: 32
A customer has a requirement to provide auditors with a list of all failed attempts
to access their Web-based applications. Which IBM Tivoli product satisfies this
auditing requirement?
QUESTION NO: 33
Which information should a security advisor provide the customer when recommending
IBM Tivoli Compliance Insight Manager?
QUESTION NO: 34
Which two standard-based interoperabilities does IBM Tivoli Security Policy Manager
deliver? (Choose two.)
QUESTION NO: 35
What are two main challenges IBM Tivoli zSecure Admin addresses? (Choose two.)
QUESTION NO: 36
Which information should a customer's baseline document include?
A. WS-Policy
B. WS-Security
C. WS-Federation
D. WS-SecureConversation
Answer: B
QUESTION NO: 38
What is the objective of documenting the business and IT organizational structure
of a company?
A. It helps the solution advisor identify the number of products that need to be
deployed.
B. This step is essential to identify key areas of the business processes that
relate to security.
C. It indicates the approximate number of licenses required for each product the
company purchases.
D. The business organizational structure must match certain specifications for the
product to be usable.
Answer: B
QUESTION NO: 39
A client has the following requirements:
a. Provide Web single sign-on (SSO) to SAP NetWeaver Application and J2EE-based
in-house developed intranet Web applications running on WebSphere Application
Server.
b. Centrally manage user ID provisioning to CUA-enabled SAP NetWeaver Application.
c. User password synchronization between Active Directory and AIX servers.
Which IBM Tivoli bundle will meet all of the client requirements?
QUESTION NO: 40
In security solution design development, when is the business and IT organizational
structure map documented?
QUESTION NO: 41
What are three main reasons to implement a Security Incident Event Management
Solution such as IBM Tivoli Security Information and Event Manager? (Choose three.)
QUESTION NO: 42
What are two benefits of having IBM Tivoli Key Lifecycle Manager solution in place
within a customer environment? (Choose two.)
QUESTION NO: 43
Which statement best describes IBM Tivoli Security Compliance Manager (Tivoli
Security Compliance Manager)?
QUESTION NO: 44
The customer has a clear security requirement for single sign-on (SSO). They want
SSO for their Web applications, for their client-server applications, and for a
significant number of cross-enterprise SOAP-based interactions with 10 of their key
business partners. Which statement is true about how IBM product(s) can meet this
customer's security requirements?
A. IBM Tivoli Access Manager for e-business can handle all these requirements.
B. IBM Tivoli Access Manager for e-business addresses SSO for Web applications, IBM
Tivoli Identity Manager, and IBM Tivoli Directory Integrator
Web Service Receiver Server Connector can handle all the remaining requirements.
C. IBM Tivoli Access Manager for e-business addresses SSO for Web applications. IBM
Tivoli Federated Identity Manager, working with IBM Tivoli
Access Manager, can handle SSO for the cross-enterprise Business Partner
interactions. There is no technology that properly handles
client-server application SSO.
D. IBM Tivoli Access Manager for e-business addresses SSO for Web applications. IBM
Tivoli Federated Identity Manager, working with IBM Tivoli
Access Manager, can handle SSO for the cross-enterprise Business Partner
interactions. IBM Tivoli Access Manager for Enterprise SSO can
handle client-server SSO.
Answer: D
QUESTION NO: 45
Which two Web sites contain information about solutions and examples of IBM Tivoli
product implementations? (Choose two.)
QUESTION NO: 46
Who must approve a requirements specification?
QUESTION NO: 47
All persons entering a corporation are required to swipe their employee badges to
get access to the building. Which procedure, if implemented, will prove to be a
stronger form of authentication than the current one?
A. Each employee inputs a unique user ID and password on a terminal to unlock the
door.
B. Each employee is given a key to the building, which they should not share with
others.
C. A security guard is deployed at the building entrance to check the identity of
each person requesting entrance.
D. The fingerprints of employees are scanned before they enter and are compared
with those recorded in a centralized database.
Answer: D
QUESTION NO: 48
Which IBM Tivoli security product provides single sign-on (SSO) support for both
UNIX Telnet and host-based mainframe applications?
QUESTION NO: 49
A client wants to use CAPTCHA authentication for their Web application access over
the internet. Which WebSEAL authentication method will meet the needs of the
client?
A. Token Authentication
B. Internal Authentication
C. External Authentication
D. Step-Up Authentication
Answer: C
QUESTION NO: 50
For which item are business rules catalogs effective in gathering requirements?
QUESTION NO: 51
When the Open Group certifies an IBM product, which advantage does the
certification bring to IBM?
QUESTION NO: 52
Which two options are enabled by IBM Tivoli Security Operations Manager? (Choose
two.)
QUESTION NO: 53
Good workflow capability is a sign of maturity related to which aspect of security?
A. provisioning
B. authorization
C. authentication
D. new initiative deployment
Answer: A
QUESTION NO: 54
Which network client software collects policy data from collectors and summarizes
this data to provide its version information and the number of policy violations
that form the posture credentials to the CISCO Trust Agent client software?
QUESTION NO: 55
In the meetings with a company's key players, information is gathered on the
company's operating system environments. It is discovered that the customer relies
on native operating system security to secure access to these systems. This
information will help in developing a baseline document describing the customer's
current security design. What are three security gaps that result from the use of
native operating system security? (Choose three.)
A. user management
B. centralized auditing
C. group management
D. network access control
E. password management
F. file system management
Answer: A,B,C