Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

IBM 000-695 Exam -

Free 000-695 Sample Questions:

1.An exhaustive list of business processes has been gathered from the customer. A subset of the customer tasks performed relating to user management includes: Receive
new user identity
requests Receive
requests for changes to user identities Use
access policies to evaluate
requests Gather
approvals Place
users in groups Update
accounts Synchronize
There is an important part of a good user management process that is missing. What is the missing process step?
A.Back up directory information.
B.Check that existing accounts are valid.
C.Verify user management process ownership.
D.Grant or block access to programs based on access policy.
Answer: B

2.Interviews with the customer indicate a concern that they are not reacting quickly enough to possible attacks coming from the Internet or from within their own company. They have a number of administrators who receive daily events and alerts if something unusual has happened but no one can remember the last time any significant investigation or action was started based on these alerts and events. What are some key words that would apply, as you consider what to document about achieving possible higher levels of maturity?
A.access control, firewall, and honey pot
B.provisioning, auditing, and content management
C.correlation, incident management, and automation
D.identification, policy automation, and agent less connection
Answer: C

3.Which three business goals are direct results of a successful security management process? (Choose three.)
A.Increased data integrity
B.Increased data duplication
C.Reduced impact of threats
D.Eliminated any risk of frauds
E.Reduced TCO (Total Cost of Ownership) for account management
F.Decreased risk awareness among employees not working in the IT security department
Answer: A, C, E

4.Which security capability relates most strongly to the customer business process eployment of new or updated application initiatives?
A.Firewalls because they protect the deployed applications from attack.
B.PKI because it makes it easy to drive single signon to the deployed applications.
C.Compliance management because the application is guaranteed to be running in a safe environment.
D.Callable authentication and access services because that eliminates the need to include authentication and access code in the applications.
Answer: D

5.Which information is necessary in order to determine a customer's IT environment infrastructure?
A.Last Enterprise inventory
B.Enterprise network topology
C.Company's most recent Asset declaration
D.Number of security personnel in the Enterprise
Answer: B

6.In terms of identity management maturity, what is the proper order with the highest maturity level (1.) at the top and the lowest maturity level (4.) on the bottom?
A.1. Extending security automation to business partners 2. Password management 3. Distributed administration 4. Provisioning approval and process automation
B.1. Password management 2. Distributed administration 3. Provisioning approval and process automation 4. Extending security automation to business partners
C.1. Extending security automation to business partners 2. Distributed administration 3. Provisioning approval and process automation 4. Password management
D.1. Provisioning approval and process automation 2. Distributed administration 3. Password management 4. Extending security automation to business partners
Answer: C

7.In gathering information about the customer's IT organization, the customer has mentioned the Operations staff, but has not included any details. Which three types of information would be useful when adding Operations to a diagram of the IT organization? (Choose three.)
C.Reporting chain
D.Hours of operation
E.Relation to Help Desk
Answer: B, C, E

8.In order to correctly understand the data protection requirements, which two groups of people must be interviewed? (Choose two.)
A.All managers
B.IT department personnel
C.Business Unit management
D.Legal department personnel
E.Human Resource department
Answer: C, D

9.Selecting from the list of options below, what would need to be accomplished during an initial meeting with the customer when reviewing a company organizational chart? 1. Identify key decision makers 2. Document the key players and their roles 3. Determine the products to be used 4. Proof of Concept of the products in the solution
Answer: D

10.As you review a list of a customer business processes, you notice that the only time they describe anything to do with passwords is in the context of some work they have done to synchronize passwords across a number of platforms. Which three options will help fill the gap in their approach to passwords? (Choose three.)
A.password mirroring
B.switch user capability password pickup
D.challengeresponse capability
E.authentication stepup capability
F.user selfcare for updating passwords
Answer: C, D, F

11.In discussions with the customer to determine their IT security process maturity levels, you encounter a number of interview subjects who seemed proud of their level of measuring the compliance of their servers and desktops to preestablished
security policy. They are using IBM Tivoli Security Compliance Manager and they know which servers/desktops are in compliance and which are not. Noncompliant servers/desktop owners are notified of the steps they need to take
to achieve compliance. Which two additional capabilities would further enhance the customer's
security process maturity level in this area? (Choose two.)
A.The ability to remove the user's accounts until they can demonstrate compliance.
B.The ability to encrypt select files on offending server/desktop systems?disks, until they can demonstrate compliance.
C.The ability to remove Web single signon until the user can demonstrate that their machine is back in compliance.
D.The ability to provide a entry service that prevents noncompliant machines from connecting to the network, until they achieve compliance.
E.The ability to offer pushbutton compliance options, simplifying the steps for users to get their noncompliant servers/desktops in compliance.
Answer: D, E

12.Information on the current IT organization has been gathered in order to create a diagram of the organization. This information includes : divisions location(s) / geographical information reporting chains What is another piece of essential information?
A.Business Units addresses
C.Help Desk functions
D.If the customer has a dedicated Operations Center
Answer: A

13.In order to document how the IT organization coordinates their efforts, which two elements should be considered in conjunction with how IT conducts its business? (Choose two.)
C.human resource
D.key performance indicators
E.strategic alignment with business /objectives
Answer: D, E

14.Which statement describes a risk management scenario?
A.server A holds data that only users in special class A can access.
B.banks nightly reconciliation data must be ciphered while sitting in message queues.
C.unless we accomplish Web single signon, we are likely to face dissatisfied users and high helpdesk costs.
D.all incoming security alerts and events must be analyzed quickly, in order to react to possible attacks on systems/networks.
Answer: D

15.When the pen Group certifies an IBM product, what advantage does the certification bring to IBM?
A.IBM can begin to publish certification exam tests of that product.
B.IBM can begin to sell the product worldwide without legal restrictions.
C.IBM has international license to position the product as IBM certified.
D.IBM has a stamp of approval guaranteeing the interoperability of the product.
Answer: C

16.Which three technologies would be considered when planning for Web single signon for a customer using IBM products? (Choose three.)
C.Transport Layer Security
D.Trust Association Interceptor
E.Lightweight Third Party Authentication
F.Lightweight Directory Access Protocol
Answer: B, D, E

17.As you analyze a customer business processes, you focus on a subset dealing with crossenterprise Web transactions, both HTMLand SOAPbased. Which three corresponding security requirements can be addressed by IBM Tivoli Federated Identity Manager? (Choose three.)
A.Federated (crossenterprise) Web single signon
B.Federated (crossenterprise) provisioning of users
C.Federated (crossenterprise) authorization of access to Web resources (SOAP only)
D.Federated (crossenterprise) authorization of access to Web resources (HTML only)
E.Federated (crossenterprise) authorization of access to Web resources (SOAP and HTML)
F.Federated (crossenterprise) assurance of compliance for both enterprises?desktops and servers
Answer: A, B, E

18.You are analyzing customer business processes to determine security requirements. Under the heading web Transactions employees and Customers you come across a business requirement described as nhance User Productivity What is the most likely corresponding security requirement?
C.single signon
D.user provisioning
Answer: C

19.A current IBM Tivoli security customer is highly satisfied with their current IBM Tivoli Identity Manager (ITIM) and IBM Tivoli Access Manager (ITAM) implementations. The customer feels they have benefited greatly from their user management and provisioning, authentication, authorization and Web single signon processes now in place. The customer sees the value of
Web services and wants to leverage their business partnerships to greatly expand the online services they offer for a relatively small investment. They are expecting that their existing ITIM and ITAM investments can simply be stretched to include these businesstobusiness (B2B) flows.
What is the main requirement that requires IBM Tivoli Federated Identity Manager to be added to this scenario?
A.The blocking of threats that might otherwise cross enterprise boundaries.
B.The handling of potentially multimillions of users, which neither ITIM nor ITAMeb was built to address.
C.The integration with firewalls that control security between any two businesses involved in these B2B flows.
D.The handling of multiple types of standardsbased protocols and user tokens that need to be passed between participating businesses.
Answer: D

20.Which IBM product is certified by Siebel for integration with Siebel V7?
A.IBM Tivoli Privacy Manager V1.2
B.IBM Tivoli Identity Manager V4.5.x
C.IBM Tivoli Directory Server V5.2
D.IBM Tivoli Access Manager for ebusiness V4.1
Answer: A

21.A customer has the need to consolidate authentication information for all existing products, such as IBM WebSphere, IBM Tivoli Access Manager, and IBM Tivoli Identity Manager with one single product. Which product can be an authentication information server for the customer?
B.IBM Privacy Manager
C.IBM Tivoli Directory Server
D.IBM Tivoli Directory Integrator
Answer: C

22.A current IBM Tivoli Access Manager for ebusiness customer wants to add the ability to provide services to 3 rd party company's employees. The customer does not want to create accounts and manage passwords for the 3 rd party company's employees. Which scenario would be best to meet this objective?
A.Implement a process for the customer to manually create the accounts
B.Use IBM Directory Integrator to synchronize the accounts between the two companies.
C.Install IBM Tivoli Identity Manager on the 3 rd party company side, and provision accounts back to the customer user registry.
D.Use IBM Tivoli Federated Identity Manager on the customer side as a Service Provider, and use a guest account for all the company employees when they access the site.
Answer: D

23.Which IBM Tivoli Product offers a component that is a point of contact for incoming federation requests?
A.IBM Tivoli Risk Manager
B.IBM Tivoli Access Manager
C.IBM Tivoli Identity Manager
D.IBM Tivoli Privacy Manager
Answer: B

24.Based on customer needs to gather information in their environment, which network client software is responsible for collecting policy data from the various collectors and summarizing the collector data to provide its version information and the number of policy violations that form the posture credentials to the CISCO Trust Agent client software?
A.Tivoli Risk Manager V4.2 log adapter
B.The CISCO Trust Agent running on the network client system.
C.The remediation manager client running on the network client system.
D.Tivoli Security Compliance Manager V5.1 client running on the network client system.
Answer: D

25.What IBM Tivoli Product must be configured to guard a company against Spyware?
A.IBM Tivoli Risk Manager
B.IBM Tivoli Privacy Manager
C.IBM Tivoli Access Manager
D.IBM Tivoli Identity Manager
Answer: B

26.You are documenting a recommended future direction for a current customer of IBM Tivoli identity, access, risk and compliance solutions. The customer has implemented IBM Tivoli Identity Manager, IBM Tivoli Access Manager for ebusiness,
IBM Tivoli Risk Manager, and IBM Tivoli Security Compliance Manager.) This customer has solved a good number of security exposures and is realizing the efficiencies and efficacy of integrated, enterpriselevel security within their enterprise. It is clear that a natural evolution for this customer is to consider many of the same security services across enterprise boundaries. Which three recommendations would you make pertaining to the security of crossenterprise transactions? (Choose three.)
A.IBM Tivoli Federated Identity Manager is an appropriate investment for this customer.
B.The key technology in any crossenterprise configuration is enterprise content filtering technology.
C.Any recommended approach must be based on Worldwide Federated Data Interchange (WWFDI) standards.
D.They can cover the crossenterprise case simply by using crossenterprise options for the IBM Tivoli security products they already have.
E.The preferred route for addressing secure crossenterprise (federated) transactions is to base your approach on emerging Web services architecture and standards.
F.A serviceoriented architecture approach allows significant business expansion with relatively minor investment, and securing this architecture in a Web services standardsbased fashion is critical to
Answer: A, E, F

27.Which technologies are most likely to be mentioned as influencing a company's future direction regarding IT security?
A.Passport, SPML, and NTLM
C.EDIFACT, SSH, and Key Recovery
D.WSFederation, XACML and J2EE
Answer: D

© 2014, All Rights Reserved