During installation WebSEAL provides a default certificate key database that is used to authenticate both clients and junctioned servers.

Which stanza entry of the WebSEAL configuration file points to the default certificate key database (i.e. kdb file)?

A. ssl-keyfile

B. jct-cert-keyfile

C. webseal-cert-keyfile

D. webseal-cert-keyfile-label

The deployed IBM Security Access Manager (ISAM) V9.0 solution in a company already contains a federated LDAP server. However, the dynamic group support is disabled. A deployment professional is required to change the existing federated LDAP server configuration to support the dynamic groups.

How should the deployment professional do this?

A. Re-federate the LDAP server with dynamic group support enabled

B. Manually modify the ldap.conf file and add `dynamic-groups-enabled=yes'

C. Manually modify the activedir.conf file and add `dynamic-groups-enabled=yes'

D. Edit the federated directory configuration using LMI method and select the checkbox "Enable dynamic group"

A deployment professional creates a support file on an IBM Security Access Manager V9.0 appliance.

What is the purpose?

A. For backup and recovery

B. To re-image the appliance

C. To help troubleshoot problems with the appliance

D. To capture a snapshot of the appliance configuration

An IBM Security Access Manager (ISAM) V9.0 deployment professional has downloaded a snapshot from an ISAM virtual appliance configured with reverse proxy. This snapshot is being applied to another virtual appliance.

Which condition must be met before applying a snapshot from one virtual appliance to another?

A. Both appliances must be in the same time zone

B. Both appliances must be at the same firmware level

C. Both appliances must have same application database setting

D. Both appliances must have the same activation keys applied.

Which hypervisor supports hosting the IBM Security Access Manager (ISAM) 9.0 virtual appliance?

A. QNX

B. Hyper-V

C. VMware ESXi

D. RHEL Workstation

A deployment professional is developing a script using REST APIs to monitor the status of WebSEAL instances.

Which attribute and value indicates a WebSEAL instance is down?

A. Instance "health" with a value of "1".

B. Instance "status" with a value of "running".

C. Root junction (/) "health" with a value of "1".

D. Root junction (/) "status" with a value of "running".

An IBM Security Access Manager V9.0 deployment at a customer has enabled audit.authz, audit.authn, audit.http for meeting auditing requirements and results in large volume of audit records and poses significant data management challenges to the client. The customer wants to exclude the audit events to certain static resources such as images.

What action should be taken to implement this?

A. Disable audit.http events only

B. Disable audit.http.unsuccessful events only

C. Define a POP with the audithttp set to "no"; attach this to the static resources

D. Define an ACL with the audithttp operation set to "no"; attach this to the static resources

Which one is supported to externalize the Advanced Access Control runtime database?

A. DB2

B. MySQL

C. PostgreSQL

D. Berkeley DB

A customer wants to replace an IBM Security Access Manager V7.0 Session Management Server with the ISAM 9.0 Distributed Session Cache.

Which DSC configuration must be completed to allow SSL communication?

A. Create new replica set

B. Configure DSC to listen on port 443

C. Select "Support internal clients only" in the Session Cache tab of the LMI.

D. Select "Enable SSL" and choose a certificate in the Session Cache tab of the LMI.

A customer is deploying an IBM Security Access Manager V9.0 solution to protect back end resources and is planning to use an LDAP Server that is set up to use SSL server authentication.

What is required to enable SSL to secure communications with LDAP?

A. LDAP server's private key

B. LDAP server's public key stash file

C. LDAP server's CA signer certificate

D. LDAP server's private and public key