Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

IBM 000-875 Exam - Cheat-Test.com

Free 000-875 Sample Questions:

1.Under which IBM Tivoli Federated Identity Manager Console main menu option would you find the settings for logging and tracing?
A.Service Settings
B.Logging and Auditing
C.Service Management
D.Monitoring and Logging
Answer: A

2.Consider the following scenario involving customers of companies RBTelco and RBBenefits. RBTelco is a large multinational company that outsources health care benefit management to RBBenefits. RBTelco employees access RBBenefits resources through an authenticateable account at each company. RBTelco employees are being moved to a federated environment.
Employees will access RBBenefits's resources using Single SignOn. When Single SignOn is enabled, all RBTelco employees will be migrated to the federated Single SignOn implementation. RBTelco employees will have access to RBBenefits's resources based on his or her RBTelco authentication. After the migration, ALL access to RBBenefits's resources will be by Single
SignOn from RBTelco direct authentication to RBBenefits by a RBTelco employee will not be possible. RBBenefits requires that RBTelco identify each employee with an alias that is based on a mathematical function using the employee number, social insurance number, and several other variables (shared between RBTelco and RBBenefits only). They will use a Liberty IDFF
1.2 Browser/POST approach for Single SignOn between companies. The number of machines required to support this environment when each machine is an Intelbased processor with 1GB RAM, 10 GB hard drive, and RHEL 30 is:
A.2 = (TAMeB WebSEAL on one machine) + (remainder TAMeB and all ITFIM components on one machine)
B.3 = (TAMeB WebSEAL on one machine) + (remainder TAMeB on one machine) + (all ITFIM components on one machine)
C.3 = (TAMeB WebSEAL on one machine) + (remainder TAMeB and ITFIM runtime/management on one machine) + (remainder ITFIM on one machine)
D.2 = (TAMeB WebSEAL and IBM Tivoli Federated Identity Manager (ITFIM) runtime/management on one machine) + (remainder TAMeB and ITFIM on one machine)
Answer: C

3.What would result in this error message? com.tivoli.am.fim.trustserver.sts.STSException:
FBTSTM015E The given TokenType or
AppliesTo({{https://sp.benefitsx.com/demo/FIMDemo/Benefits/protected/accountinfo.jsp};{};{}}) in
the request is not supported by this server's configuration for
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Validate RequestType and Issuer
({{https://idp.myemployerx.com/FIM/sps/wsfed/wsf};{};{}}).
A.An incorrect certificate has been configured at the Service Provider.
B.The resource being requested by the Identity Provider is not recognised.
C.The clocks on the Identity Provider and Service Provider are out of sync.
D.The partner realm name at the Service Provider has been configured incorrectly.
Answer: D

4.Which two security tokens may carry user attribute information as part of the defined token format? (Choose two.)
A.Kerberos
B.X.509 Token
C.SAML Assertion
D.Liberty Assertion
E.Username Token
Answer: C, D

5.Which two commands can be used to query the status of WebSEAL servers on the local machine? (Choose two.)
A.iv status
B.amstatus
C.pdweb status
D.pd_start status
E.webseald status
Answer: C, D

6.CompanyA has created a web service application for use by both its trading partners. The application requires a web services security request that includes a SAML token identifying both the enduser and attributes of that user. The trading partners have agreed to submit a web service request with a signed SAML token that includes both the user's identity and attributes of the user.
The SAML attributes will vary by partner but the application requires a consistent set of attributes for example, the same set of attributes are required for all client requests. SAML Assertions must be authenticated via validation of the token's element. Which scenario satisfies the requirements of the application?
A.A WSSM Partner is configured for each trading partner. Each WSSM Partner configuration specifies the
mapping rules required to transform the identity & attributes received from the partner into those required
by the application. The signed SAML token of each WSSM partner will be validated with a key that is
unique to that trading partner.
B.A WSSM Partner is configured for each trading partner that is not already part of a SAML federation for
SSO. The mapping rules for all partners must transform the identity and attributes received from the
partner into those required by the application. The signed SAML token of each partner will be validated
with a key that is unique to that trading partner.
C.The SAML token submitted by the trading partner is known to be trustworthy because its element will be
validated by WebSphere. A WSSM Partner is configured for each trading partner and each configuration
specifies the mapping rules required to transform the attributes received from the partner into those
required by the application.
D.A Web Services Security Management (WSSM) Partner is configured for each trading partner. The
signed SAML token of each WSSM partner is validated with a key that is unique to that trading partner.
Because all partners submit a SAML token, mapping rules are not required. SAML is a standard and all
elements of a SAML token must comply with that standard.
Answer: A

7.What public/private key information must be provided by a partner organization in order to configure them as a Liberty partner?
A.Public Key used to Sign Assertions, Public Key used to Sign Messages
B.Public Key used to Sign Assertions, Private Key used to Sign Messages
C.Private Key used to Sign Assertions, Private Key used to Sign Messages
Answer: A

8.What error condition would cause the error message below to appear in the logs? FBTLIB204E No federation exists for this principal
A.Consent to federate was not granted.
B.IBM Tivoli Access Manager user account is invalid.
C.The federation being requested by the user has not been enabled.
D.The federation being requested has not been defined for this user.
Answer: A

9.What triggers the onsent to Federate page to be displayed?
A.The Consent flag is set in an incoming federate request.
B.The Consent flag is set in an incoming authentication request.
C.The Identity Provider configuration requires the page to be displayed.
D.The Service Provider configuration requires the page to be displayed.
Answer: C

10.What protocol should the Service Provider (SP) and Identity Provider (IDP) use to obtain the
SAML assertion from a browser artifact?
A.SSL
B.SOAP
C.DCOM
D.WSMetaData
Answer: B

11.Once you have successfully placed your custom alias service plugin in the correct location, what are the three Runtime custom properties required to enable your plugin? (Choose three.)
A.com.tivoli.am.fim.alias.factory.moduleId
B.com.tivoli.am.fim.alias.service.factory.id
C.com.tivoli.am.fim.alias.service.moduleName
D.com.tivoli.am.fim.alias.factory.moduleVersion
E.com.tivoli.am.fim.alias.service.moduleVersion
F.com.tivoli.am.fim.alias.factory.exposedClassId
Answer: A, D, F

12.Which IBM Tivoli Directory Server utility is used to perform LDAP tracing?
A.ldtrc
B.trace
C.slapdtrc
D.ldapmodify
Answer: A

13.A financial planning company would like to enter into a Federation with an online business partner who provides financial forecasting and modeling for customers. The expected user flow would have the customer authenticating to their account with the financial planner and selecting a special link for orecasting and Modeling. This would redirect the user to the business partner
who would obtain the customer's portfolio information and balances via a realtime back channel communication initiated by a Liberty IDFF V1.1 Browser/Artifact SSO flow. This information will be used by the business partner to establish and update the user's local business partner side information. What can you determine about the type of provisioning solution that has been agreed upon?
A.a piori
B.runtime
C.no account linking
D.unable to determine
Answer: B

14.What do the IBM Extensions to the SAML Single SignOn (SSO) protocol enable?
A.the SSO profile to be specified in the SSO Trigger
B.an SSO exchange to be initiated from the Service Provider
C.signed messages to be passed over the SOAP backchannel
D.additional identity mapping information to be passed in the SAML message
Answer: A

15.In order to write a plugin that implements a custom Alias service, what are the two required public interfaces that need to be implemented? (Choose two.)
A.com.tivoli.am.fim.service.CustomService
B.com.tivoli.am.fim.alias.service.AliasServiceClient
C.com.tivoli.am.fim.identity.service.client.IdServiceClient
D.com.tivoli.am.fim.alias.service.AliasServiceClientFactory
E.com.tivoli.am.fim.identity.service.client.IdServiceClientFactory
Answer: C, E

16.What must be unique across all federations?
A.Provider ID
B.SSO Protocol
C.Point of Contact
D.Identity Mapping Rules
Answer: A

17.What are two locations to turn on per process tracing of WebSEAL? (Choose two.)
A.in the pd.conf file
B.with the pdconfig utility
C.using pdadmin trace functions
D.routing file for the WebSEAL instance
E.in the WebSEAL configuration file (websealddefault.conf)
Answer: C, D

18.What is the most likely cause of this failure? ============================ 20050320
19:49:06.43706:
00 ip1 trustservice WebContainer : 0 ============================
A.The module chain does not exist.
B.The module chain is incorrectly configured.
C.The IBM Tivoli Federated Identity Manager Trust Server cannot map the request to a module chain.
D.The IBM Tivoli Federated Identity Manager Trust Server is stopped and cannot process the request.
Answer: B

19.When configured for a Service Provider side Liberty V1.2 Federation, which functionality will require the IBM Tivoli Federated Identity Manager Alias Service? (Choose three.)
A.Single SignOn
B.Single SignOff
C.One Time Identifiers
D.Consent to Federate
E.Identity Provider Proxy
F.Register Name Identifier
Answer: A, B, F

20.Assuming /FIM is the junction defined with defaults for the Federated Single SignOn using WSFederation and IBM Tivoli Federated Identity Management, what policy is required at the Identity Provider so that only the SSL connection is allowed to the Single SignOn Protocol Service?
A.Attach a POP with qop set to ssl.
B.Attach a POP with qop set to none.
C.Attach a POP with qop set to privacy.
D.Attach a POP with qop set to integrity.
Answer: C

21.When deploying IBM Tivoli Federated Identity Manager V6.0 (ITFIM) with IBM Tivoli Access Manager V5.1 (TAM), what is the minimum TAM fix pack level required?
A.Fix Pack 2
B.Fix Pack 4
C.Fix Pack 6
D.Fix Pack 8
Answer: C

22.What configuration must be accomplished through the IBM Tivoli Federated Identity Manager (ITFIM) console to enable an ITFIM Federated Provisioning service?
A.Identify Proxy URL
B.Enable ITFIM Federated Provisioning Service
C.Link ITFIM Alias Service to Provisioning Service
D.Enable IDI Assembly Line for Federated Provisioning
Answer: A

23.Given that IBM Tivoli Federated Identity Management is installed and configured with WSProvisioning service at the Identity Provider using WSFederation as the Single SignOn protocol, Tivoli Access Manager for ebusiness is installed and configured with IBM Tivoli Directory Server as the user repository, and an assembly line called FIM_WS_Provisioning is configured to detect IBM Tivoli Access Manager user ID changes. Which three actions need to be done so that the detection mechanism in the assembly line is successfully verified? (Choose three.)
A.Create any LDAP entry.
B.Create Tivoli Access Manager User.
C.Turn on the change log option for IBM Tivoli Directory Server.
D.Turn on the trace option on the config screen of the assembly line component.
E.Turn on the detail log option on the config screen of the assembly line component.
F.Turn on the trace option on the config screen of the assembly line component and set log level to Debug.
Answer: B, C, E

24.Which two techniques can be used to add custom attributes to the IBM Tivoli Access Manager credential built at the Service Provider? (Choose two.)
A.static text in XSL mapping rule
B.configure a call to the Identity Provider Attribute Service
C.configure WebSEAL with a Credential Attribute Entitlement Service
D.information extracted from certificates in DefaultTrustedKeyStore.jks
E.configure WebSEAL to add extended attributes from protected objectspace
Answer: A, C

25.Assume that IBM Tivoli Federated Identity Manager (ITFIM) is installed and configured with Federated Single SignOn
(Liberty IDFF 1.2) and Federated Provisioning at RBTelco, acting as an Identity Provider. Assume also that an assembly line is configured such that when an existing user is deleted at RBTelco, a federated provisioning request is sent to the RBBenefits, acting as a Service Provider. Assume that in response to this request, RBBenefits will not delete the user but will disable the user for Single SignOn from RBTelco. Which two steps will allow you to verify the correct deprovisioning of the existing user at RBBenefits? (Choose two.)
A.Attempt direct authentication to RBBenefits.
B.Attempt Single SignOn from RBTelco to RBBenefits.
C.Examine stored alias information for the user at RBBenefits.
D.Delete IBM Tivoli Access Manager User at the RBTelco side.
E.Delete IBM Tivoli Access Manager User at the RBBenefits side.
Answer: C, D

26.Which action will confirm WebSEAL is running AND the Policy Server is able to connect to it successfully?
A.access WebSEAL with a browser
B.telnet to the WebSEAL system from the Policy Server
C.telnet from the WebSEAL system to the Policy Server
D.a server show of the WebSEAL using the pdadmin command line interface
Answer: D

27.How many endpoints are specified when adding a partner to a WSFederation type federation?
A.1
B.2
C.3
D.4
Answer: A


© 2014 Cheat-Test.com, All Rights Reserved